Technical Tip: VNC entry does not show as an option on SSL-VPN Web mode
| Description | The article describes how to resolve the issue when the VNC protocol does not show under New Bookmark when the user connects via SSL VPN Web mode. |
| Scope | FortiGate. |
| Solution | There are cases when one or a few protocols are pre-defined to be used under New Bookmark when the user connects to the SSL-VPN Web mode, as seen below:
As noticed, the VNC protocol is not part of the protocols available. The configuration for this portal (full-access in our case) on FortiGate is as follows:
FortiGate # config vpn ssl web portal FortiGate (portal) # show end
Note: If an option is not available under the CLI configuration for different settings, always check with 'show full-configuration'.
In this case, as seen, the protocol options are not part of the configuration, after executing 'show full':
FortiGate (full-access) # show full-configuration ...... next end
Here, only the following protocols are allowed for the user to access: web ftp smb sftp telnet ssh rdp ping
To resolve the issue, the VNC protocol should be included in the configuration:
FortiGate # config vpn ssl web portal FortiGate (portal) # edit full-access FortiGate (full-access) # set allow-user-access web ftp smb sftp telnet ssh rdp ping vnc FortiGate (full-access) # end
The configuration now will look as follows:
FortiGate (full-access) # show full-configuration ........ next end
After logging out and logging in on the Web portal and selecting New Bookmark, the option will now be available for selection:
By default, all the options are available. Depending on the network requirements, different protocols can be removed for different portals. |
