IPsec Remote Access VPN "Restrict Access for VPN Users"

Forum|Forum|7 years ago
August 8, 2018
1 reply
3313 views

Hello folks, this is possible to restrict access on remote access base vpn so when vpn user dial a vpn then we make sure that vpn will only be coming through trusted site like one of my user is trying to connect vpn from some other countries but i don't want that. I want only when user connect to vpn so i make sure this will always connect from his home network with it's static public IP. If the connection is trying to be established from some other public IP except my home user IP so we deny that connection.. This is what can we instruct to our firewall FortiWifi 60E with 6.0.2 Firmware ??

Toshi_Esumi

SuperUser

If you know exactly what IPs are allowed to connect IPsec VPNs as their sources, you can try local-in policy to restrict on the interface like in below:

https://help.fortinet.com/fos50hlp/56/Content/FortiOS/fortigate-hardening/local-in.htm

You can use predefined "IKE" service (UDP500/4500) for this config.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded