Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
bfig90
New Contributor

Configuring a profile to allow or block endpoint from VPN tunnel connection based on the applied sec

Dear,

Following the guide (https://docs.fortinet.com/document/forticlient/7.4.0/ems-administration-guide/701440/configuring-a-p... i'm trying to create rules in order to block for i.e:endpoint with critical vulnerabilities to connect vpn.

 

But in my console i do not have the option like showing in the link:

 

Link console:

2024-10-30_11-31.png

 

My console:

2024-10-30_11-30.png

1 Solution
bfig90

 

I found it. In the new console version 7.4.0 the option is this one, after you have created the rule logic:

2024-10-30_15-50.png

 

 

View solution in original post

4 REPLIES 4
johnathan
Staff
Staff

That document references a 'security posture tag', which needs to be configured first before it is selected. You can make it by following this guide: 
https://docs.fortinet.com/document/forticlient/7.4.0/ems-administration-guide/142/adding-a-security-...

"Never trust a computer you can't throw out a window."
bfig90

I understand. I followed the link and i learned that i can create 2-3 ore more rules in one. But still i cannot find how to apply this rule in order to say that if EndpointXY is not fulfilling this conditions do not connect 

johnathan

I would rewrite the rule to only apply the tag to the client if they are meeting your requirements. You can then only allow the user to connect if that tag is there. 

"Never trust a computer you can't throw out a window."
bfig90

 

I found it. In the new console version 7.4.0 the option is this one, after you have created the rule logic:

2024-10-30_15-50.png

 

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors