Fortinet Firewall SSL-VPN Configuration

This article walks through SSL-VPN configuration on a Fortinet firewall.

Configure User and User Group
User & Authentication -> User Definition -> Create New -> Select Local User and click Next -> Enter Username and Password and click Next -> Enable Two-factor Authentication if required and click Next -> User Account Status: Enable and click Submit.

User & Authentication -> User Group -> Create New -> Name: VPN USERS -> Type: Firewall -> Members: Select the User Created and click on OK.

SSL-VPN Portals
VPN -> SSL-VPN Portals -> Edit the tunnel-access portal, turn off the "Enable Split Tunneling" option and click OK.

SSL-VPN Settings
VPN -> SSL-VPN Settings -> Enable SSL-VPN: Enable -> Listen on Interface(s): Select WAN interface -> Listen on Port: 4443 -> Under Authentication/Portal Mapping click on Create New -> Users/Groups: Select VPN USERS -> Portal: Select tunnel-access and click on OK -> Apply.

SSL VPN firewall policies
Policy & Objects -> Firewall Policy -> Create New -> Name: SSL VPN -> Incoming Interface: Select SSL-VPN tunnel interface (ssl.root) -> Outgoing Interface: LAN Interface -> Source: Under Address select All and under User select VPN USERS -> Destination: All -> Schedule: Always -> Service: All -> Action: ACCEPT -> NAT: Disable -> Log Allowed Traffic: Enable and select All Sessions and click OK.
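
The same configuration expressed in the FortiOS CLI, as an added example that is not part of the original article. The user name vpnuser1 and the interface names wan1 and lan are assumptions, <password> is a placeholder, and exact syntax can vary between FortiOS versions.

```fortios
# Added example, not from the original article. Assumed names: user "vpnuser1",
# WAN interface "wan1", LAN interface "lan"; <password> is a placeholder.
config user local
    edit "vpnuser1"
        set type password
        set passwd <password>
    next
end
config user group
    edit "VPN USERS"
        set group-type firewall
        set member "vpnuser1"
    next
end
config vpn ssl web portal
    edit "tunnel-access"
        set split-tunneling disable
    next
end
config vpn ssl settings
    set status enable
    set source-interface "wan1"
    set port 4443
    config authentication-rule
        edit 1
            set groups "VPN USERS"
            set portal "tunnel-access"
        next
    end
end
config firewall policy
    edit 0
        set name "SSL VPN"
        set srcintf "ssl.root"
        set dstintf "lan"
        set srcaddr "all"
        set dstaddr "all"
        set groups "VPN USERS"
        set action accept
        set schedule "always"
        set service "ALL"
        set nat disable
        set logtraffic all
    next
end
```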
