Hello everyone, on port 1 I set the local network 192.168.0.0, port 2 is the guest network 192.168.1.0. I also have an SSL VPN configured to the 192.168.0.0 network and it works fine. I have access to my local servers no matter where I am.
I would also like to be able to connect to a VPN in my company on the guest network 192.168.1.0 to access my servers. I can't set it up; the VPN doesn't connect when I'm in this network.
I know I can set rules so that everyone in the guest network can access the servers, but that seems dangerous to me, hence the idea for a VPN. Please help.
Hi t_krawaczynski,
Assuming the SSL-VPN is configured to listen on interface "port-X" using TCP/UDP port 1234 (just examples), for guests connected to "port-Y" to be able to connect to the VPN, you simply need a firewall policy in port-Y -> port-X direction, allowing the destination port 1234 + IP of port-X.
This would be the baseline. If things still don't seem to work, we can discuss further. (e.g. if you have source-ip or source-interface restrictions configured in SSL-VPN settings, you will need to relax those to allow people to connect from the guest segment)
Thank you, that solved my problem. I didn't think of it, and it's that simple.