OK, I created one to see if there are any problems. No problems at all, running 5.2.1 on a 40C. First, I recommend to upgrade to 5.2.1 as many glitches have been removed. Then, clicking SSL > Settings, I got the message you are refering to: " No policy..." Continue to fill in all required fields. This is much easier now as for nearly all entry fields defaults are provided (even the portal). Click ' Apply' to see if all required fields are filled in. Policy warning still present. Click on the policy warning to create an (incoming) policy. This is from ' SSL.root' to the subnet which you would like to reach, usually ' internal' . Fill in all entries, and click OK. This will return you to the SSL > Settings dialog. Policy warning now is gone. You can add more policies for traffic originating from SSL VPN users, i.e. ' SSL.root' to ' dmz' or whatever.

Thank you ede_pfau, I upgraded my fortigate with 5.2.1 and followed the same settings with ssl.root and all fields provided. But when i click on ok it say me Input value is invalid.

So there is progress - the error message changed! " Invalid input" might refer to special characters in an object' s name, like spaces, umlauts, any letter with an accent etc. Any chance that you use one of those?

Oh is " _ " the special characters?

Yes. There have been a lot of posts about special characters in names, and their treatment in GUI and CLI which may differ sometimes. Best you get rid of spaces in names. You can change these in the CLI but you have to quote the name, like this: config firewall address rename " name with space" to NameWithSpace Note the " to" which you must not omit!

Hi everybody I removed space and other special character from my objects and retryed but the problem still present. Any other idea? Thanks for your help

Reboot and retry?