Skip to main content
Umesh
Umesh
Explorer II
February 20, 2025
Question

SSL VPN packet flow tunnel mode vs web mode

  • February 20, 2025
  • 2 replies
  • 1114 views

Hello community.

 

Can anybody make me understand two things as I mentioned in subject, how packet flow happens If first time remote users (SSL VPN user using forticlient)  connect to organization networks.

 

I have search a lot but couldn't find packet flow.

 

 

Your support will be more applicable.

 

 

Thanks. 

2 replies

AEK
SuperUser
AEK
SuperUser
February 21, 2025

Hello Umesh

I'm not sure if I understand well your question but I'll try to respond as per my understanding.

In Web mode you connect via your browser to the FortiGate's Web server, which (FGT) acts as a proxy and becomes the direct client of the back-end servers, while your laptop is the direct client of the FortiGate's Web server.

In tunnel mode FortiGate doesn't act as a proxy, the tunnel makes your laptop just like if it was on the local Corp network, so you access directly to the back-end servers without any proxy in between.

Hope this is what you are looking for.

AEK
dingjerry_FTNT
Staff
dingjerry_FTNT
Staff
February 22, 2025

Hi @Umesh ,

 

What @AEK said is correct.  

 

More info:

 

SSL VPN web mode is a clientless solution with a connection via the web portal (using a browser).

 

So technically, if you use FortiClient to connect to the SSL VPN, it is not web mode.  It is tunnel mode.

Terms & ConditionsAccessibility statement