SSL VPN and Geo IP addresses

Forum|Forum|10 years ago
April 19, 2016
1 reply
11868 views

Hi,

is it possible to restrict access to ssl vpn by means of Geo IP addresses (Fortios FW 5.2.6)? I couldn't find a way to do this.

Thanks and regards

Ueli

craigusza

New Member

Hi Ueli,

Yes this is possible.

Go to [Policy & Objects].[Objects].[Addresses] in the GUI

Create a new address with the type Geography and select the required Country.

Save the Address

Then proceed to [VPN].[SSL].[Settings] in the GUI

Under connection settings select the radio button {Limit access to specific hosts} and select the address you created above. You can select multiple addresses in this list. Alternatively you can create an address group and reference that group in the SSL VPN settings.

Regards,

Craig

fernet17Author

New Member

Hello Craig,

thanks a lot for your qick replay. Works like a charm!

Regards

Ueli

FortiMess

New Member

Is it possible to do this with an IPsec VPN? I tried setting the phase 2 selector remote IP range to change it from 0.0.0.0, but I can't use the Geography type address object I created for the US.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded