one_co_il
New Member
September 24, 2017
Solved

Multiple Dialup VPN Same Interface


Hi

I'm trying to create 2 different Dialup VPNs (iOS native) with different user groups and different IP ranges,

so one VPN will only access a web server and the other VPN will have full control over the network.

For now it seems that I can only create one VPN; the users that are trying to connect to the second VPN get Negotiation Failed.

What is the correct way of doing that?

Is there any way to do so with one VPN?

Best answer by Toshi_Esumi

I've never seen it in FortiClient's GUI menu. I'm not sure it's configurable in the iPhone and Android phone apps. For those devices, SSL VPN is more common, which is dial-up by nature, and you can also use either an LDAP server or Realms to separate user groups to apply different policies. There are lots of discussions about SSL VPN in this forum you can refer to.


Toshi_Esumi
SuperUser
September 25, 2017

If it's IPsec VPN and the client side can be configured with "peer id" or "server id", you can set "local id" on the FortiGate side at the phase1-interfaces. Otherwise you need to separate them by VDOMs.

ede_pfau
SuperUser
September 26, 2017

Exactly, use peerIDs to separate VPNs. This is well documented in the Admin Guide or the Cookbook (I think...). FortiClient should support peerID even on iOS.

daac
New Member
February 2, 2018

Hello, I would like your help regarding two dial-up VPNs on the same interface. If I set up a local ID on the FortiGate, in FortiClient I do not see any peer ID option. The only thing I could do that worked for me was to allow an ID xxx on the FortiGate and configure local ID xxx in FortiClient, or that another option exists. Thank you.