Hi everyone… I am looking for a solution in a interesting case. I want to realize a Remote VPN configuration with FortiClient and FortiEMS (Windows) if the Client is not in our Infrastructure that the Remote VPN is automatically establishing a VPN. That’s the part that works!
But now is the Keyquestion: I want if the Connection via VPN fails (because of blocking or so on) that the rest of the Client Data will go in to Blackhole until the VPN is UP. I want that the Client can not access foreign local Networks with unprotected or unencrypted Data.
Hello bakugo,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Have you concidered if you “blocking” should be done in the local software firewall on the client, i.e Windows Firewall instead?
Just a thought
Isn't that what the "Show remote VPN before login option does?"
I was always worried that would blackhole traffic in the event the VPN doesn't come up, as it's "before login" -> and then you could restrict logins to AD direct. But that sounds like exactly your use case. I haven't experimented, so these are just my .02
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.