This article describes how to disable SSL VPN Web Mode or Tunnel Mode for specific portals.

Toggle the 'Enable Web Mode' and 'Tunnel Mode' radio buttons.

From CLI, use the command 'config vpn ssl web portal' and edit the specific portal.

In this example SSL VPN Mode portal.

config vpn ssl web portal

    edit "SSLVPN Mode"

        set tunnel-mode disable <----- Unset tunnel-mode.

        set web-mode disable  <----- Unset web-mode.

        end

end

From v7.4.1, the web mode can be disabled globally using the command:

config system global
    set sslvpn-web-mode disable
end

Refer to this document for more detail: Technical Tip: How to disable SSL VPN web-mode globally.

From v7.6.0, the SSL VPN function has been removed from models with 2GB of RAM.

SSL VPN removed from 2GB RAM models for tunnel and web mode

Note:

For Web Mode, although the web mode is disabled, users still can log in but will get a warning like below once log in.

To completely remove the SSL VPN web portal from being displayed when SSL VPN mode is disabled, follow the steps from the below link. Remove the HTML body section of the SSL VPN login page replacement message: How to prevent the SSL-VPN web login portal from displaying when SSL-VPN web mode is disabled.

If web mode is needed, an alternative method is available: Technical Tip: Alternatives to SSL VPN web mode

Note:

• In v7.6.3, SSL VPN tunnel mode is no longer supported.
• From v7.6.0, web mode is not supported on devices with 2GB of RAM.