- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiClient EMS 7.4 - Remote Access profile not showing SSL VPN Tunnel in GUI
Hello everyone,
I am testing FortiClient EMS trial because we want to get EPP/APT for our clients till end of the year.
I went for a direct install of version 7.4 because it runs on Linux. In the Remote Access Profile there is no way to create a SSL VPN tunnel in the gui, I can only see IPsec there.
Does someone else having this issue? (Couldn't find it in the known issue list and wanted to ask here before asking official support)
Solved! Go to Solution.
- Labels:
-
FortiClient EMS
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
you need first enable it in Features, since SSLVPN is now considered as dangerous and is disabled by default.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
you need first enable it in Features, since SSLVPN is now considered as dangerous and is disabled by default.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Oh you are right! Can you point me to some more information about SSLVPN being dangerous? (Seems like my knowledge is not up to date)
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
EMS display it when you try to enable SSL VPN feature:
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sure, i saw that. But why? After a quick search (in this forum and other security platforms) I have not found any hints that states ssl vpn as insecure...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I think it's because there was some critical bugs in ssl vpn in past months (not only Fortinet but other vendors also). As SSLVPN is based on http protocol it's hard to program it 100% safe bug-free. Therefor I expect IPSEC will be preferred in future because there is no web server involved and in long-term there wasn't such critical bugs.