Created on 10-19-2021 10:10 AM Edited on 05-26-2022 07:11 AM
Description
Solution
To overcome the issue of the user not matching the SSL-VPN firewall policy we add the user group 'A1' to the same portal mapping where user group 'A2' is mapped.
From CLI.
# config vpn ssl settingsset servercert "self-sign"set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"set tunnel-ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"set source-interface "port2"set source-address "all"set source-address6 "all"set default-portal "web-access"# config authentication-ruleedit 1set groups "A1" "A2"set portal "full-access"set realm "Realm1"nextendendNote.
In this scenario realms and full tunnel are used.
Related Articles
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.