Fortigate v7.2.1 - Used for VPN Only (No WAN Interface)

Question

I'm currently demoing Fortigate v7.2.1 as a HyperV VM to replace our current SSL-VPN solution. At the moment, the Fortigate VM is only being used for SSL-VPN and not as our firewall appliance so there is no WAN interface connected. I've followed the Fortigate Cookbook for SSL-VPN (Cookbook | FortiGate / FortiOS 6.0.0 | Fortinet Documentation Library) but my SSL VPN web interface is not coming up.

When I attempt to connect to the local IP for the SSL VPN I'm getting "The connection for this site is not secure. 172.16.0.5 used an unsupported protocol; ERR_SSL_VERSION_OR_CIPHER_MISMATCH. The client and server dont support a common SSL protocol version or cipher suite"

NOTE: I am running my https admin interface on port 4443 and the SSL-VPN on port 443

Being new to Fortigate and only running a trial license I'm at a loss. Is it possible to run Fortigate for just an SSL-VPN appliance only?

SteveTheITDude · Accepted Answer

Hi Anthony,

Thanks for checking into this but I have found the answer. I reached out to the Account Manager I have been speaking with and they ended up asking one of the engineers. It turns out when using the trial license the encryption level is limited:

"..only DES encryption is allowed (except for management, in which full encryption is enabled), meaning that SSL VPN is not possible, but IPSEC VPN with DES is still possible for testing purposes."

Anthony_E · Answer

Hello Steve,   Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.   Regards,

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded