Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
sreddi
Staff
Staff

Created on ‎10-29-2019 07:50 AM Edited on ‎10-09-2024 09:46 PM By Community Manager

Article Id 189668

Technical Tip: SSL VPN Redundancy

Description


This article describes how to achieve SSL VPN redundancy using two WAN links.

Solution


Use the following steps in order to guarantee VPN connectivity to any of both WAN interfaces.

Define them in VPN -> SSL-VPN Settings -> Listen on Interface(s) and make sure that both are added.

Or by CLI:
 
config vpn ssl settings
    set source-interface "wan1" "wan2"
end
 
Note:
Adding multiple interfaces in the 'Listen on Interface(s)' field does not require a reboot or cause any disconnections for the existing connected SSL VPN users.
 
If a secondary WAN IP is needed, follow this KB article: 
 
Create a firewall policy for each WAN interface as shown in the document:
5800
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.