d3xmeister
New Member
April 11, 2024
Solved

VPN connected clients only allowed to communicate with one host


Hi, we have an F600E, which is the single main router, firewall and DHCP server for a single LAN. What we want is that when a group of VPN clients connect with FortiClient VPN to this device and network, they should only be able to communicate with one machine in that LAN, which is a file server. We don't want VPN-connected clients to have access to any other local machines in that network.

How can we achieve this? Thanks

Best answer by ozkanaltas

2 replies

ozkanaltas
Valued Contributor III
April 11, 2024

Hello @d3xmeister,

You can achieve this request with a firewall policy. You can configure a firewall policy with your user group and allow access to the file server. For example, if you configure a policy like this, you can give users access to the file server.

Source Interface: SSL.root
Destination Interface: <File_Server_Network_Interface>
Source: ssl.vpn.ip.pool -- User group
Destination: <File server IP>
Service: SMB-FTP-SFTP (you can add or remove services as needed for your file server's services)

d3xmeister
New Member
April 18, 2024

I haven't tried this solution yet, but it sounds logical that this would work. Thank you.