Skip to main content
damianhlozano
damianhlozano
Explorer II
April 22, 2022
Solved

Questions about VPN licences

  • April 22, 2022
  • 5 replies
  • 45920 views

Hello team!!

 

I have many questions about VPN Licences.

I think I understand the following, please let me know if I am wrong:

* Up to FortiOS 6.2: I have licences for 10 Standalone Forticlient

* From FortiOS 6.2 or higher: Unlimited Standalone Forticlients

 

In first place I don't care about support, I am worried about how many client I could connect to Fortigate VPN.

What about L2TP VPNs?  There is a limit for the amount of clients?

I see an article here for FortiClient, but not for L2TP VPNs.

 

Thanks in advance.

Regards.

Damián

 

Best answer by tio3udes

There's no licensing limitation for that @damianhlozano ! That's  one of the beatiful things about working with fortinet.

 

What you might have is a limitation due to the model of the firewall, which you can check here:

 

https://docs.fortinet.com/max-value-table

 

Other than that, kock yourself out man! set up as many l2tp tunnels you need!

5 replies

Yurisk
SuperUser
Yurisk
SuperUser
April 22, 2022

Hi Damian, either I got you wrong, or we are talking about different things.

 

  • Forticlient VPN-only functionality (both IPsec and SSL) is free no matter what is the version of either Fortigate or Forticlient. 
  • Forticlient (FC) version up to and including 6.0 was free in ALL functions, not only VPN - but Web FIltering, A/V etc. Starting with FC 6.2 you have to buy EMS license to have the same functionality, but VPN is still free.
  • There is no limit on Fortigate how many VPN clients (IPsec/SSL) can connect to it, in ANy model or version. It only depends on Fortigate capacity - how many FC clients can it handle CPU and memory-wise.
  • "10 licenses per Fortigate" you mentioned was in older (up to 6.2) FortiOS versions and it was for MANAGING FCs centrally from the Fortigate firewall directly (pushing policy to FCs, configuring Endpoint checks for FCs etc.), and not using separate EMS server. This option does not exist anymore at the FortiOS level as far as I know, no matter what license you have.

HTH

Edit: for grammar.

 

    vishal1
    vishal1
    Explorer
    September 18, 2024

    It means using forticlient without any ems license does not include fortinet support for any troubleshooting alongwith can't use security features like avc, web filtering in ssl vpn ipv4 policy

    damianhlozano
    damianhlozanoAuthor
    Explorer II
    April 22, 2022

    Thanks Yurisk!!

    That is what I needed to know

    What about L2TP VPNs (Without FortiClient)?  Is still free and without limits about amount of clients connected at the same time?

     

    Regards,

    Damián

    tio3udes
    tio3udesAnswer
    Explorer III
    April 22, 2022

    There's no licensing limitation for that @damianhlozano ! That's  one of the beatiful things about working with fortinet.

     

    What you might have is a limitation due to the model of the firewall, which you can check here:

     

    https://docs.fortinet.com/max-value-table

     

    Other than that, kock yourself out man! set up as many l2tp tunnels you need!

      damianhlozano
      damianhlozanoAuthor
      Explorer II
      April 22, 2022

      Thank you tio3udes

      smankar_123
      smankar_123
      New Member
      July 22, 2025

      How Many supported SSL VPN concurrent session on 100E device without license?

      Toshi_Esumi
      SuperUser
      Toshi_Esumi
      SuperUser
      July 22, 2025

      The datasheet says...
         "Concurrent SSL-VPN Users (Recommended Maximum, Tunnel Mode) : 500"
      https://www.firewalls.com/pub/media/wysiwyg/datasheets/Fortinet/FG-100E.pdf?srsltid=AfmBOor7Nf4_yalXsUAzQBnMOGQbEkJ23-Q5Rh9da69O7-V1yu6jVsEW

      Toshi

        smankar_123
        smankar_123
        New Member
        July 22, 2025

        Thanks Toshi..I have refered data sheet but my query is do we need any SSL license or by default it will support 500 concureent SSL session

         

        Yurisk
        SuperUser
        Yurisk
        SuperUser
        July 22, 2025

        SSL VPN connections are UNlicensed feature on Fortigate - there is no license to apply to the Fortigate in regards to SSL VPN. The limit is purely performance-based - 500  concurrent connections before it becomes too much load on the FGT, but you WILL be able to connect > 500 users concurrently, technically. Also take into consideration that these performance-based limits are set for very specific conditions, when no other features on FGT are enabled. On real-life FGT with Security Rules, AV/IPS scanning, etc. the performance limit will be much lower than 500 users. So the only way to know for sure is to test before deploying in production. 

         

          Terms & ConditionsAccessibility statement