Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jeroen
Contributor

Disable "All Other Users/Groups" in SSL VPN

Hello,

 

I have a problem with disabling "All Other Users/Groups" on a Fortigate 40C (5.2.9). I don't want other users than the users that are mapped to a group.

 

Authentication is done Trough LDAP. There are two LDAP groups mapped to a local group. Those suppose to have acces. But now everyone has access to the Full-Access VPN portal. Because The All Other Users/Groups does also has the portal Full-Access assigned. The problem is that there can be only one portal on the Fortigate 40C. So i can't assign a portal with less rights to the other users.

 

Does someone has a idea how to solve this?

1 REPLY 1
_mribwan
Staff
Staff

Hi. Although this post is significantly old, I just would like to share my finding 

 

You may configure a dummy portal with tunnel mode and web-mode disabled, and assign All Other Users/Groups to this portal

Ref : https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/947829/ssl-vpn-security-best...