Hello to everyone reading my first post!
I have an issue setting up my SSL-VPN with a FortiGate 40F through Nginx Reverse Proxy.
This is a new setup and it hasn't worked before.
My desired setup is being able to connect to SSL-VPN with FortiClient on port 443, which is forwarded to my Nginx reverse proxy server. My reverse proxy server will encrypt the traffic using a Let's Encrypt wildcard certificate and forward the traffic to the internal interface of my FortiGate on port 1443, for example.
The traffic redirect works on the reverse proxy: if I browse to the VPN domain on the internet, I get (as expected) the web-access page of FortiGate SSL-VPN, and traffic encryption works as well.
Connecting to the VPN with port 1443 directly on the FortiGate works as well, just not encrypted with my own certificate.
The policies from interface to interface are set to allow all and work. When I connect to the VPN through port 443, it gets to 98% and then times out. The FortiGate logging says everything is OK, as does the Nginx server, but it still times out.
The benefits of using this setup (for me):
- Managing verified SSL certificates on 1 server with autorenew.
- Using the default port for SSL-VPN traffic.
- Being able to control this using ACLs on policies.
I only have 1 public IP address and I am not able to add another.
My guess is that the reverse proxy config doesn't work for this setup.
Who is able to help me? Thanks in advance!