bakugo
New Member
July 29, 2022
Question

FortiClient with EMS solution for Blackhole routing if RemoteVPN Fails


Hi everyone… I am looking for a solution in an interesting case. I want to realize a Remote VPN configuration with FortiClient and FortiEMS (Windows) so that, if the client is not in our infrastructure, the Remote VPN is established automatically. That’s the part that works!

But now the key question: if the connection via VPN fails (because of blocking and so on), I want the rest of the client's data to go into a blackhole until the VPN is up. I want the client to be unable to access foreign local networks with unprotected or unencrypted data.

3 replies

Anthony_E
Staff
August 1, 2022

Hello bakugo,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,
JonasV
Explorer
August 1, 2022

Have you considered whether your “blocking” should be done in the local software firewall on the client, i.e. Windows Firewall, instead?

Just a thought

OwenW
Explorer II
August 2, 2022

Isn't that what the "Show remote VPN before login" option does?


I was always worried that would blackhole traffic in the event the VPN doesn't come up, as it's "before login" -> and then you could restrict logins to AD direct. But that sounds like exactly your use case. I haven't experimented, so these are just my .02