Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

FortiClient VPN tunnel

Hello all,


I cannot find a specific article how to do the following on the Fortinet site, so help would be much appreciated (even to point out kb article displaying how to do it).


I have a forticlient tunnel setup currently. I need to be able to give different levels of access. I will give you an example:


User1 --> Can only access / 24 subnet (which is a vlan)

User2 --> Can only access / 24 subnet (Which is another vlan)




Now The only way I can see doing this is by multiple forticlient tunnels? But that would be difficult to maintain if I require 8 users having access to different resources.


Thank you!

Valued Contributor

What Firmware are you running? In 5.2 (I think) and later you can apply User (Groups) to the SSL.Root > Interface policies

New Contributor



We are currently using 5.2 firmware.


Just to clarify this is a IPSEC forticlient tunnel; not SSL.


I also tried to create a source from Forticlient > Internal with Source user and specified a local fortigate user which is also the user connecting, and I cannot connect to that specific internal resource when I specify the local user. When taking off the user I can connect fine.


Not sure what else needs to be done.


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors