Skip to main content
atravel
atravel
Explorer III
August 15, 2023
Solved

Can we default which SSL VPN option is given to clients?

  • August 15, 2023
  • 4 replies
  • 2689 views

We have two SSL tunnels, one is not quite ready. Can we only present one tunnel to the clients and "hide" the other one for now? 

Best answer by btan

Hi @atravel,

 

The 'Current Connection' will only preselect the tunnel when end user navigate to 'Remote Access' tab in FCT.
We currently do not have an option to hide a tunnel.
Let's say you have Tunnel-A and Tunnel-B. Tunnel-B is not ready.
End users will always be able to see Tunnel-B in the dropdown list.

IMO you can simply delete Tunnel-B in the profile, and add it back when it is ready.

4 replies

akanibek
Staff
akanibek
Staff
August 15, 2023

@atravel , what do you mean under "hiding"? You want users to match to only one tunnel? Or, you want to really hide the tunnel which is not ready to not be configured by some admins?

atravel
atravelAuthor
Explorer III
August 15, 2023

I want the end user to not see one of the two tunnels. Either by hiding it or not listing it in the drop down. 

atravel
atravelAuthor
Explorer III
August 15, 2023

Would either of these two option do what Im looking for? 

 

Capture.JPG

btan
Staff & Editor
btanAnswer
Staff & Editor
August 16, 2023

Hi @atravel,

 

The 'Current Connection' will only preselect the tunnel when end user navigate to 'Remote Access' tab in FCT.
We currently do not have an option to hide a tunnel.
Let's say you have Tunnel-A and Tunnel-B. Tunnel-B is not ready.
End users will always be able to see Tunnel-B in the dropdown list.

IMO you can simply delete Tunnel-B in the profile, and add it back when it is ready.

    atravel
    atravelAuthor
    Explorer III
    August 16, 2023

    In which profile? 

    amrutwell
    amrutwell
    New Member
    August 16, 2023

    Ive run into some issues with MFA in my environment. We had tried using email-OTP. On mobile, forticlient prompts for the OTP properly, enter it and you're connected. On the desktop, Forticlient just errors out but the OTP is still received in the users inbox... so the fortigate is holding up its end of the bargain, but forticlient for some reason doesnt know to prompt the user.

      Terms & ConditionsAccessibility statement