Change VPN SSL interface

Forum|Forum|9 years ago
March 3, 2017
1 reply
19081 views

Hi guys.

I have two Fortinets 80C in cluster. I configured the VPN SSL access some time ago on WAN1, it worked fine. Now I need to move the VPN SSL to WAN2, changed in VPN->SSL->Settings ->Listen on interface from WAN1 to WAN2, port 10443, but neither the client not the web page works. The client stops at 10%. It seems the port 10443 is not listening. Restarted the VPN SSL Daemon to no effect, rebooted both nodes to no effect.

Is something more I have to change?

Regards

rkulow

New Member

via cli go to:

config vpn ssl settings

config authentication-rule

edit 1

unset source interface (or set source interface to new interface)

marcelo_malaraAuthor

New Member

Thanks, still no working. True that both auth rule had the old interface, this is a get after I changed to the new:

FGT80C3911606514 (authentication-rule) # get 1

id                  : 1

source-interface:

    == [ wan2 ]

    name: wan2

source-address:

    == [ all ]

    name: all

source-address-negate: disable

source-address6:

source-address6-negate: disable

users:

groups:

    == [ Grupo de usuarios para VPN SSL ]

    name: Grupo de usuarios para VPN SSL

portal              : RDP por VPN

realm               :

client-cert         : disable

cipher              : any

auth                : any

rkulow

New Member

did you tried to unset source-interface?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded