FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Kush_Patel
Staff
Staff
Article Id 244807
Description

This article describes that when an entry is tried to be added under ‘Authentication/Portal Mapping’ for SSL VPN clients, it throws the following error:

 

Kush_Patel_0-1675542099389.png
Scope FortiGate 7.0, 7.2.
Solution

FortiGate will throw this error if there was a policy configured with the destination address as ‘ALL’ and the source address as any ‘user/user group’ that uses a portal that has split tunneling enabled.

 

In this scenario, policy 6 and ‘full-access’ portal is in the question.

It is possible to get this information from the error in the red dialogue box.

 

Either, it is possible to change the destination in policy 6 or to disable the split tunneling in ‘full-access’ portal.

 

After making any of these changes, it will be possible to add the same entry under ‘Authentication/Portal Mapping’ for SSL VPN Settings.

Contributors