FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
JNDias
Staff
Staff
Description This articles describes how to use one interface for Web admin with a secondary IP for VPN, using both the same port 443.
Scope

FortiGate and FortiClient.

Version 7.2.1.

Solution

1) In the interface or Secondary IP where the SSL-VPN is wanted to work, make sure to have the 'HTTPS' disabled in Administrative Access settings.

2) In FortiGate CLI, make the following change:

 

# config vpn ssl setting
    set port-precedence disable
end

 

Enable/disable, Enable means that if SSL-VPN connections are allowed on an interface admin GUI connections are blocked on that interface.

 

Related documents:

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-To-switch-between-admin-login-page-or-...

 

https://docs.fortinet.com/document/fortigate/7.2.1/cli-reference/363620/config-vpn-ssl-settings#:~:t...

 

https://docs.fortinet.com/document/fortigate/7.2.1/administration-guide/574723/interface-settings

 

Contributors