FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 241896
Description This article describes the current limitations of audio propagation over SSL VPN.
Scope FortiGate v6.4, v7.0, and v7.2 GA releases.

Let's assume that a network administrator has implemented the below topology:




The goal of the network admin is for external RDP clients to connect to the RDP server via SSL VPN and then to be able to perform calls via a VoIP solution to the end user.


As known, there are two ways to connect over SSL VPN:


  1. Tunnel mode which utilizes FortiClient software for the users to establish an SSL connection with the FortiGate.
  2. Web mode which users are connecting directly over SSL using FortiGate's web mode interface.


  • In Web Mode, the FortiGate acts like a proxy server between the RDP Client and the RDP server thus the quality of the sound is hard to be guaranteed. Due to this technical limitation, audio propagation in SSL VPN Web Mode is currently not supported.
  • In Tunnel Mode, the particular goal could be achieved since an internal IP address from the configured IP pool is assigned to the remote external users and a direct communication channel between the client and the server exists.