Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

AWS to SSL vpn

Hi guys, i set up SSL vpn from fortigate to our AWS setup. we have 2 AWS accounts and i am able to reach resources in one account without any issues but not the other one. All the config is the same across both accounts.


on prem wifi is also going through fortigate and through that both AWS accounts are reachable and i am using the same LAN link as incoming interface for SSL vpn. 


any ideas of what could be the problem? thanks

1 Solution

So i see that traffic comes from ssl vpn to ipsec vpn from x.x.x.1 to x.x.x.2 on port 3389.
This traffic is allowed by policy "Allowed by Policy-29" and traffic leaves fortigate into tunnel
"enter IPSec interface Test VPN 2, tun_id=" -- Traffic enters tunnel
"IPsec encrypt/auth"   --- Traffic is encrypted

"send to x.x.x.4 via intf-wan2" ---traffic is leaving fortigate via WAN2 interface.

It seems that there might be an issue with RDP on AWS side.
Can you check if RDP is enabled on EC2 Server? or if there is any policy in AWS that blocks RDP traffic?

View solution in original post

New Contributor

OpenVPN just does not feel like a very polished solution as we have to install the OpenVPN client to connect to it. I would rather use something that conforms to a standard, so that I can either setup an IPSEC session in Windows natively.

router login 192.168.l.l

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors