Hi Folks!
i have a special problem, we want that our user´s can use our public ip over vpn, but i don´t find any options in our fortigate FW60.
has anyone the same? maybe someone can help.
thanks a lot
Solved! Go to Solution.
Then proceed according to this example and it will work: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Disabling-Split-Tunnel-configuration/ta-p/...
Do you mean by "use our public ip over vpn" that users will connect with FOrticlient to the Fortigate and then browse to the Internet via this tunnel? If so, then it is easy - do not enable Split Tunneling in SSL VPN settings and create additional Security rule - from ssl.root interface to WAN/Internet interface with NAT enabled.
yes, we have the callenge that our company users are in homeoffice, but the need our public ip, for working
Then proceed according to this example and it will work: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Disabling-Split-Tunnel-configuration/ta-p/...
you should differ: do you want the complete traffic of your users including internet to go gout via your public ip? Then simly do not enable split tunneling.
Do you want to enable your users to access some external services via the vpn that are limited to your company's public ip? Then you need to add that to the split tunneling and set a policy to allow that using nat with your public ip...
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.