2.1 ESP-Enabled Novell SSL VPN

In ESP-enabled Novell SSL VPN, the process involved in establishing a secure connection between a client machine and the different components of Novell Access Manager is as follows:

  1. The user specifies the following URL to access the SSL VPN server:

    https://<www.sslvpn.novell.com>/sslvpn/login

    <www.sslvpn.novell.com> is the DNS name of the SSL VPN server, and /sslvpn/login is the path of the SSL VPN server.

  2. The SSL VPN redirects the browser to the Identity Server for authentication.

  3. After successful authentication, the Identity Server redirects the browser back to the SSL VPN.

  4. The Identity Server propagates the session information to the SSL VPN server through the Embedded Service Provider.

  5. The SSL VPN server injects the SSL VPN policy for that user into the SSL VPN servlet. The SSL VPN servlet processes the parameters and sends the policy information back to the server.

  6. The SSL VPN checks whether the client machine has sufficient security restraints in place. For more information on client integrity checks, see Section 14.1, Configuring Policies to Check the Integrity of Client Machine.

  7. When the user accesses the applications behind the protected network, the connection goes through the secure tunnel formed with the SSL VPN server.

  8. The browser stays open throughout the SSL VPN connection so that keep-alive packets can be sent.

  9. When the user clicks the logout button to close the SSL VPN session, all the client components are automatically uninstalled from the workstation.