FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sgiannogloudis
Description This article describes how to configure the SSL-VPN width and height settings in order to have the optimal RDP resolution on users screen.
Scope FortiOS 7.0.6 and 7.2.0.
Solution

There are two ways to configure RDP scaling inside FortiOS:

 

1) Under the SSL-VPN web portal:

 

# config vpn ssl web portal

    edit "RDP_Portal"
        set tunnel-mode enable
        set web-mode enable
        set ip-pools "SSLVPN_TUNNEL_ADDR1"
        # config bookmark-group
            edit "gui-bookmarks"
            # config bookmarks
                edit "RDP"
                   set apptype rdp

                   set host "192.168.1.1"
                   set port 3389

                   set width (0-65535, default = 0)
                   set height (0-65535, default = 0)
           next
    end

 

2) Under Personal or User group bookmarks:

 

# conf vpn ssl web [user-group-bookmark | user-bookmark]
    edit "fortinet#"
    # config bookmarks
        edit "RDP-BOOKMARK"
            set apptype rdp
            set host "10.10.10.10"
            set port 3389

            set width (0-65535, default = 0)
            set height (0-65535, default = 0)
        next
    end

 

There are three factors which decide the final outcome of how RDP will scale:

 

1) If width & height setting under bookmark are non zero values, then these values will be used.


2) If width & height setting under bookmark are zero and width/height setting under portal are not zero, then FortiOS will use the setting configured under the portal.


3) If width & height setting are zero under both bookmark and portal, then RDP will auto-scale based on individual users browser's window size.