FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes how to configure web mode SSL VPN to follow the SD WAN rules when it comes to the selection of the proper egress interface in order to reach the destination.
Scope
FortiGate.
Solution
Starting from FortiOS 6.2.6 and 6.4.3 the SSL VPN web portal now allows following the SD WAN rules when selecting the proper egress interface to reach the destination.
Before 6.2.6 and 6.4.3, the web mode SSL VPN was considered self-generated traffic and followed the static and policy routes.
After 6.2.6 and 6.4.3, it is possible to enable the use of SD WAN.
# config vpn ssl web portal edit "full-access" set tunnel-mode enable set ipv6-tunnel-mode enable set web-mode enable set ip-pools "SSLVPN_TUNNEL_ADDR1" set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1" set use-sdwan enable <------- next end
