Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
fiberopt1986
New Contributor

FortiClient VPN tunnel

Hello all,

 

I cannot find a specific article how to do the following on the Fortinet site, so help would be much appreciated (even to point out kb article displaying how to do it).

 

I have a forticlient tunnel setup currently. I need to be able to give different levels of access. I will give you an example:

 

User1 --> Can only access 192.168.1.0 / 24 subnet (which is a vlan)

User2 --> Can only access 192.168.2.0 / 24 subnet (Which is another vlan)

 

..Etc.

 

Now The only way I can see doing this is by multiple forticlient tunnels? But that would be difficult to maintain if I require 8 users having access to different resources.

 

Thank you!

2 REPLIES 2
gschmitt
Valued Contributor

What Firmware are you running? In 5.2 (I think) and later you can apply User (Groups) to the SSL.Root > Interface policies

fiberopt1986
New Contributor

Hello,

 

We are currently using 5.2 firmware.

 

Just to clarify this is a IPSEC forticlient tunnel; not SSL.

 

I also tried to create a source from Forticlient > Internal with Source user and specified a local fortigate user which is also the user connecting, and I cannot connect to that specific internal resource when I specify the local user. When taking off the user I can connect fine.

 

Not sure what else needs to be done.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors