Technical Tip: How to disable SSL VPN Web Mode or Tunnel Mode in SSL VPN portal
| Description | This article describes how to disable SSL VPN Web Mode or Tunnel Mode for specific portals. |
| Scope | FortiGate. |
| Solution | Toggle the 'Enable Web Mode' and 'Tunnel Mode' radio buttons.
From CLI, use the command 'config vpn ssl web portal' and edit the specific portal.
In this example SSL VPN Mode portal.
config vpn ssl web portal edit "SSLVPN Mode" set tunnel-mode disable <----- Unset tunnel-mode. set web-mode disable <----- Unset web-mode. end end
From v7.4.1, the web mode can be disabled globally using the command: config system global
Refer to this document for more details: Technical Tip: How to disable SSL VPN web-mode globally. From v7.6.0, the SSL VPN function has been removed from models with 2GB of RAM. SSL VPN removed from 2GB RAM models for tunnel and web mode
Note: For Web Mode, although the web mode is disabled, users can still log in, but will get a warning like below once logged in.
To completely remove the SSL VPN web portal from being displayed when SSL VPN mode is disabled, follow the steps from the link below. Remove the HTML body section of the SSL VPN login page replacement message: Technical Tip: How to prevent the SSL VPN web login portal from displaying when SSL VPN web mode is disabled.
If web mode is needed, an alternative method is available: Technical Tip: Alternatives to SSL VPN web mode.
Note:
|
