- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiOS 3.0 to 5.4 - SSL-VPN Commands equivalence
Hi,
On a fortigate running FortiOS v3.0, it is possible to specify an IP range for ssl-vpn user groups using these commands :
edit "Group1" set group-type sslvpn set sslvpn-tunnel enable set sslvpn-tunnel-startip 172.16.0.1 set sslvpn-tunnel-endip 172.16.0.10
I upgraded my firmware to v5.4 and these commands are not available anymore. (sslvpn group type doesn't exist)
Where can I specify IP range for my user groups in this version ?
Thanks
Alvi
Solved! Go to Solution.
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Since v3.0 many things have changed around SSL VPN config. First, you have to re-learn how to configure SSL VPN with the documantation for v5.4 below:
http://docs.fortinet.com/uploaded/files/2778/fortigate-sslvpn-54.pdf
The client IP range is now configured in an address object and referred by a portal. The default address object name is SSLVPN_TUNNEL_ADDR1 and _IPv6_ADDR1.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Since v3.0 many things have changed around SSL VPN config. First, you have to re-learn how to configure SSL VPN with the documantation for v5.4 below:
http://docs.fortinet.com/uploaded/files/2778/fortigate-sslvpn-54.pdf
The client IP range is now configured in an address object and referred by a portal. The default address object name is SSLVPN_TUNNEL_ADDR1 and _IPv6_ADDR1.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for your fast answers, I found what I was looking for in the SSL-VPN docs.
I managed to make one portal by group and configuring each one to use its relative IP Pool.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you currently have SSL VPN portals built with IP ranges, make a backup without password protection and look. It's in there.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com