How to Connect to an Astaro SSL VPN using OS X


I’ve been stupid for Astaro since the early 00’s and I remain so today. Today I run it in a virtual machine on an ESXi server instead of on a dedicated box, but it remains my favorite firewall of all time. Checkpoint comes close, but doesn’t quite make it. Anyway, here’s how to use your Mac to connect to your home network behind an Astaro box using SSL remote access.

So here are the steps:

Configure the SSL VPN in Astaro

Pretty standard, really: configure a hostname that’ll be reachable externally. I use DYNDNS (Astaro has a client for updating it). Configure authentication (I use a backend AD for that).


Enable the User Portal in Astaro Temporarily

I don’t use this functionality so I had to enable it just to do this step. Once it’s enabled, navigate to the Astaro box and log in as the user you’re going to be remoting in as. You’ll have the option to download VPN stuff. Do that.

Screen Shot 2011 03 23 at 10.29.23 pm

Download the Viscosity VPN Client

The client is available here, and it’s $9. Easily worth it in my opinion.

Viscosity Client

Unsupervised Learning — Security, Tech, and AI in 10 minutes…

Get a weekly breakdown of what's happening in security and tech—and why it matters.

Open the Viscosity Client and Import the Config File from Astaro

Just click the plus icon and navigate to where you downloaded the VPN content from Astaro. Within it you’ll see a config file, which is what you’re importing.

Once you’ve imported it you have a valid config and you’re ready to go.



I keep my client in the menu bar, and from there I just pull down the menu and choose my config from the list. Authenticate and boom–you’re in. It even stores your VPN creds in the OS X Keychain.


Enjoy. ::

Related posts: