Using Forefront Unified Access Gateway (UAG), you can provide remote client VPN access to the internal corporate network by publishing the SSL Network Tunneling application. You can implement remote client VPN access by using Secure Sockets Tunneling Protocol (SSTP), or by using the legacy proprietary Forefront UAG Network Connector.
The following are the advantages of SSTP deployment:
- SSTP does not require driver installation on
- SSTP requires only a single HTTPS connection
to a Forefront UAG server.
- SSTP supports the allocation of IP addresses
to remote VPN clients using DHCP; with Network Connector a static
address pool must be used.
- Note that SSTP deployment requires that
Forefront UAG servers belong to a domain.
The end user experience is similar whether the remote VPN client connects using SSTP or Network Connector, with the following variations:
- If SSTP is used, after client authentication
and endpoint access checks, the user launches the Remote Network
Access application in the portal, and connects seamlessly to the
corporate network without the need to authenticate again. In a
dial-up scenario, the user activates SSTP directly from the
- If Network Connector is used, the Network
Connector application establishes the connection.
- If SSTP is used, the SSTP connection is
terminated when the user logs off the portal.
For instructions on configuring SSL network tunneling using SSTP, see Publishing remote network access with SSTP.
For instructions on configuring SSL network tunneling using Network Connector, see Publishing remote network access with Network Connector.