Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
t_krawaczynski
New Contributor II

Access to VPN in the guest local network

 

Hello everyone, on port 1 I set the local network 192.168.0.0, port 2 is the guest network 192.168.1.0. I also have an SSL VPN configured to the 192.168.0.0 network and it works fine. I have access to my local servers no matter where I am.

I would also like to be able to connect to a VPN in my company on the guest network 192.168.1.0 to access my servers. I can't set it up VPN doesn't connect when I'm in this network.

I know I can set rules so that everyone in the guest network can access the servers, but that seems dangerous to me, hence the idea for a VPN. Please help

2 REPLIES 2
pminarik
Staff
Staff

Hi t_krawaczynski,

Assuming the SSL-VPN is configured to listen on interface "port-X" using TCP/UDP port 1234 (just examples), for guests connected to "port-Y" to be able to connect to the VPN, you simply need a firewall policy in port-Y -> port-X direction, allowing the destination port 1234 + IP of port-X.

 

This would be the baseline. If things still don't seem to work, we can discuss further. (e.g. if you have source-ip or source-interface restrictions configured in SSL-VPN settings, you will need to relax those to allow people to connect from the guest segment)

[ corrections always welcome ]
t_krawaczynski

Thank you that solved my problem. I didn't think of it and it's that simple

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors