bakugo
New Contributor

FortiClient with EMS solution for Blackhole routing if RemoteVPN Fails

Hi everyone… I am looking for a solution in an interesting case. I want to realize a Remote VPN configuration with FortiClient and FortiEMS (Windows) so that, if the client is not in our infrastructure, the Remote VPN automatically establishes a VPN. That's the part that works!

But now the key question: if the connection via VPN fails (because of blocking and so on), I want the rest of the client data to go into a blackhole until the VPN is up. I want the client to be unable to access foreign local networks with unprotected or unencrypted data.

Anthony_E
Community Manager

Hello bakugo,

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Regards,

Anthony-Fortinet Community Team.
JonasV
New Contributor III

Have you considered whether your “blocking” should be done in the local software firewall on the client, i.e. Windows Firewall, instead?

Just a thought 

Kind regards
OwenW
New Contributor II

Isn't that what the "Show remote VPN before login" option does?

I was always worried that would blackhole traffic in the event the VPN doesn't come up, as it's "before login" -> and then you could restrict logins to AD direct. But that sounds like exactly your use case. I haven't experimented, so these are just my .02
