Basic configuration

Fortinet FortiGate SSL VPN

FortiOS 5.2 Update: SSL VPN Configuration on FortiGate
Select Create New and add an authentication rule for the second remote group: Enter portal2 in the Name field and select OK. While exploring FortiOS 5. If you see an error saying that the "service could not be started", open the Application Event Viewer and look for an Error from the source "DuoAuthProxy". When you enter your username and password, you will receive an automatic push or phone callback. Add a new connection.

Split Tunnel

FortiOS 5.6 SSL VPN Setup examples

Of course, these would be set to whatever is appropriate for your environment. Then we will start to configure settings for our VPN. Notice that it is much different than 5. Before it was in many different places. Also notice at the bottom there is the users who can log into this device, and what portal they will see.

You can totally customize this so that domain admins get one portal and restricted users get another. If you only have one profile then modify this.

If you have multiple portals, add the most specific first, then make the standard catch-all this profile. This is also a big change from 5. Adding the local subnets basically allows VPN clients to have access to those networks.

You could use any here but I chose to use my local subnets. That should be it, but there are some considerations that should always be taken into account. I think I've done everything correctly according to the "fortigate ssl vpn user guide", but when I try to login with the username in the web-browser, it doesn't log me in and gives an error message - "Error: In the log I get this error message: This is what I configured in the Fortigate: Encryption I set on Low even though I tried with all , require client certificate not enabled even though it didn't work also when it was enabled.

In the firewall section, in the Address, I added ip range for internal network and external for the IP that the router is giving to the VPN clients. In the firewall policy, I added a new one, source is external, destination is internal, action is ssl-vpn and allowed the user group of the SSl-vpn. Thanks and have a wonderful day, Yoav. Check the Fortinet Knowledge Base for better guidance. Note this question was from four years ago Back to Networks Forum 3 total posts Page 1 of 1.

2. Creating an SSL VPN portal for remote users