Skip to main content
KyleShaw
KyleShaw
New Member
January 28, 2025
Question

Configuring SSL VPN on FortiGate – Seeking Advice

  • January 28, 2025
  • 3 replies
  • 1574 views

Hello Community,

 

I'm setting up SSL VPN on a FortiGate device for the first time and could use some guidance. What are the critical settings I should pay attention to for ensuring both ease of use for clients and robust security? If you have any setup tips or resource recommendations,

Spoiler
I am not familier with this technology, passionally I am a professional concreter founder of: www.concretesrichmondva.com

please share!

3 replies

ebilcari
Staff
ebilcari
Staff
January 28, 2025

As a start, you can refer to the best practices listed in the Administration guide. Since you are in the design phase you could also consider the ZTNA solution, here is a comparison between this two solutions.

Emirjon
    AEK
    SuperUser
    AEK
    SuperUser
    January 28, 2025

    Hi Kyle

    SSL VPN is not recommended anymore for security. You should use IPsec VPN or ZTNA instead.

    But if you have no choice and you must use SSL VPN, in that case @Yurisk published a superb hardening guide for it. If you follow all the steps then you should have a well secure VPN.

    https://community.fortinet.com/t5/Support-Forum/Fortigate-SSL-VPN-Hardening-Guide/m-p/249322

    Enjoy!

    AEK
      Toshi_Esumi
      SuperUser
      Toshi_Esumi
      SuperUser
      January 28, 2025

      If your FGT is FG-100x or higher models, SSL VPN is still a legit solution especially when you're hosting multiple customers with multiple VDOMs without needing the EMS server or licenses.

      Toshi

      Terms & ConditionsAccessibility statement