Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SteveTheITDude
New Contributor

Created on ‎08-05-2022 07:18 AM

Fortigate v7.2.1 - Used for VPN Only (No WAN Interface)

I'm currently demoing Fortigate v7.2.1 as a HyperV VM to replace our current SSL-VPN solution. At the moment, the Fortigate VM is only being used for SSL-VPN and not as our firewall appliance so there is no WAN interface connected. I've followed the Fortigate Cookbook for SSL-VPN (Cookbook | FortiGate / FortiOS 6.0.0 | Fortinet Documentation Library) but my SSL VPN web interface is not coming up.

 

When I attempt to connect to the local IP for the SSL VPN I'm getting "The connection for this site is not secure. 172.16.0.5 used an unsupported protocol; ERR_SSL_VERSION_OR_CIPHER_MISMATCH. The client and server dont support a common SSL protocol version or cipher suite"

 

NOTE: I am running my https admin interface on port 4443 and the SSL-VPN on port 443

 

Being new to Fortigate and only running a trial license I'm at a loss. Is it possible to run Fortigate for just an SSL-VPN appliance only?

 

Fortigate_5.png

 

Fortigate_4.pngFortigate_3.pngFortigate_2.pngFortigate_1.png

Labels:
1096
0 Kudos
1 Solution
SteveTheITDude
New Contributor

Created on ‎08-10-2022 05:02 AM

Hi Anthony,

 

Thanks for checking into this but I have found the answer. I reached out to the Account Manager I have been speaking with and they ended up asking one of the engineers. It turns out when using the trial license the encryption level is limited:

 

"..only DES encryption is allowed (except for management, in which full encryption is enabled), meaning that SSL VPN is not possible, but IPSEC VPN with DES is still possible for testing purposes."

View solution in original post

1058
0 Kudos
3 REPLIES 3
Anthony_E
Community Manager
Community Manager

Created on ‎08-07-2022 09:58 PM

Hello Steve,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

Anthony-Fortinet Community Team.
1075
Anthony_E
Community Manager
Community Manager

Created on ‎08-09-2022 11:36 PM

Hello,

 

We are still looking for an answer to your question.

We will come back to you as soon as we get it.

 

Regards,

Anthony-Fortinet Community Team.
1065
SteveTheITDude
New Contributor

Created on ‎08-10-2022 05:02 AM

Hi Anthony,

 

Thanks for checking into this but I have found the answer. I reached out to the Account Manager I have been speaking with and they ended up asking one of the engineers. It turns out when using the trial license the encryption level is limited:

 

"..only DES encryption is allowed (except for management, in which full encryption is enabled), meaning that SSL VPN is not possible, but IPSEC VPN with DES is still possible for testing purposes."

1059
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.