Overview of SSL VPN 17novdocx (en) 16 April 2010For more information on the client platforms and setups tested by Novell, see the Access Manager3.1 Support Pack 1 SSLVPN integration testing report (http://www.novell.com/support/viewContent.do?externalId=7004342&sliceId=1). Section 1.3.1, “Enterprise Mode,” on page 17 Section 1.3.2, “Kiosk Mode,” on page 191.3.1 Enterprise ModeIn Enterprise mode, all applications, including those on the desktop and the toolbar, are enabled forSSL, regardless of whether they were opened before or after connecting to SSL VPN. In thisapproach, a thin client is installed on the user’s workstation. In Enterprise mode, the IP Forwardingfeature is enabled by default.Enterprise mode is recommended for devices that are managed by an organization, such as a laptopprovided by the organization for its employees. Enterprise mode supports the following: Protocols such as TCP, UDP, ICMP, and NetBIOS. Applications that open TCP connections on both sides, such as VoIP and FTP. Enterprise applications such as CRM and SAP*. Applications such as Windows File Sharing systems, the Novell ClientTM, and NovellSecureLogin.You can configure a user to connect only in Enterprise mode, depending on the role of the user. Formore information, see Section 4.2.1, “Configuring Users to Connect Only in Enterprise Mode orKiosk Mode,” on page 56.NOTE: If you have configured a user to connect in Enterprise mode only and that user does notmeet the prerequisites, the SSL VPN connection fails with an appropriate error message if it is usingthe applet-based Web browser, or a blank screen if an ActiveX-based Web browser is used. “Prerequisites” on page 17 “User Scenarios” on page 17PrerequisitesA user can access SSL VPN in Enterprise mode if any one of the following prererequisites is inplace: The user is an administrator or a root user of the machine, or a Super user or an Administratoruser in Windows Vista user. The user is a non-admin or a non-root user who knows the credentials of the administrator orroot user, or a standard user in Windows Vista. The SSL VPN client components are preinstalled on the user’s machine.User ScenariosDepending on which prerequisites are in place, users have different login scenarios. “Scenario 1: The User Is the Admin or Root User of the Machine” on page 18