Hi,
Is it possible to have an authentication profile which is always active on an Virtual Server except for one specific IP range/Subnet?
We had a rule on a Citrix Netscaler which we want to implement in a similar way on a FortiADC.
All connections to a Virtual machine must authenticate, use an Authentication profile, except for a specific IP range /Subnet they must not authenticate.
We could not find a "simple" solution for this on the FortiADC.
I think you can achieve it this way:
- Publish twice your web server (e.g.: on VS1 & on VS2)
- Enable authentication policy on VS1
- Don't enable auth policy on VS2
- Add policy on your firewall to allow only your specific IP range to access VS2
- Allow all to access VS1
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.