NSX SSL VPN-Plus | Adding Client Configurations in Bulk

Anyone using NSX SSL VPN-Plus feature for more than one site will quickly find there is no mechanism for importing client configurations.  The native method for accessing additional sites is to browse to the Gateway for each site (then download and run the installer).

That’s pretty tedious as your site count increases.  There is a better, albeit unsupported, way to manage this need.

SSL VPN-Plus naclient on Windows

In windows, client configuration is stored in the registry.  You can manipulate the windows registry using .reg files.

Open up a text editor, and prepare a file with all of your sites using the following format.  Replace the GatewayList value with your site’s gateway IP address

 Windows Registry Editor Version 5.00

 [HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\SSL VPN-Plus Client\Connection #1]

 [HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\SSL VPN-Plus Client\Connection #2]

 [HKEY_LOCAL_MACHINE\SOFTWARE\VMware, Inc.\SSL VPN-Plus Client\Connection #20]

Save the file as a .reg file, the name of the file is arbitrary.

Exit the SSL VPN-Plus naclient application

Import the .reg file

Navigate to HKLM\SOFTWARE\VMware, Inc.\SSL VPN-Plus Client and verify the connections were imported.

Update the ConnectionCount to the total number of sites.  This is important; if the number doesn’t match, naclient will not start.

Start the naclient (C:\Program Files\VMware\SSL VPN-Plus Client\SVPclient.exe)

SSL VPN-Plus naclient on MAC OS X 

This one is easier, the client settings are stored in /opt/sslvpn-plus/naclient/naclient.conf

Quit the naclient application.  Add the site configurations to naclient.conf

vi /opt/sslvpn-plus/naclient/naclient.conf
 site1 site1-ip:443 256 
 site2 site2-ip:443 256 
 site20 site20-ip:443 256

Start the naclient.

That is all peeps.  Have a nice day.