FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Article Id 252692
Description This article describes how to configure web mode SSL VPN to follow the SD WAN rules when it comes to the selection of the proper egress interface in order to reach the destination.
Scope FortiGate.

Starting from FortiOS 6.2.6 and 6.4.3 the SSL VPN web portal now allows following the SD WAN rules when selecting the proper egress interface to reach the destination.


Before 6.2.6 and 6.4.3, the web mode SSL VPN was considered self-generated traffic and followed the static and policy routes.


After 6.2.6 and 6.4.3, it is possible to enable the use of SD WAN.


# config vpn ssl web portal
    edit "full-access"
        set tunnel-mode enable
        set ipv6-tunnel-mode enable
        set web-mode enable
        set ip-pools "SSLVPN_TUNNEL_ADDR1"
        set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
        set use-sdwan enable <-------