Hi there,
Need help please.
We are using an FG60D with firmware 5.6.2, and we've set up VPN SSL listening on WAN2.
VPN SSL can be accessed from an outside network (a network with no connection to the FortiGate).
The VPN SSL was created to connect to the LAN (using interface port 1).
How do we make VPN SSL also accessible from WAN1?
Users connect to the internet from WAN1, but when needed, a user can access VPN SSL to connect to the LAN.
Special note:
Generally, users who connect to the internet don't have access to the LAN; that's why we don't create a policy between WAN1 and LAN (Port 1).
Need help please.
If you haven't seen these links, then the cookbook is your friend.
http://cookbook.fortinet.com/ssl-vpn-using-web-and-tunnel-mode-54/
http://cookbook.fortinet.com/ssl-vpn-for-remote-users/
Fortigate Newbie
Yes, already read, but no solution there. Thank you.
Hi,
Do you have a public IP on both your WAN interfaces?
If yes, you need to add wan1 in 'Listen on Interface' in SSL-VPN Settings too. Then go to IPv4 Policy and create a policy from the SSL-VPN tunnel interface to your LAN interface, so that you can use both WAN interfaces for VPN SSL.
Hi Daniel,
Thanks for the reply.
If I add wan1 as a listening interface, then the client setting must be set to the public IP of WAN1.
Let's say the IP of wan1 is 1.1.1.1;
then on the client side, the server must be directed to "https://1.1.1.1:<port no.>".
Am I correct?
Hi papapuff,
You are correct! You can use either the wan1 IP or the wan2 IP in the browser like you said, https://wan1ip:port or https://wan2ip:port. Do not forget to create a firewall policy from the SSL tunnel interface to your LAN and apply the user group in the SSL settings and the VPN SSL firewall policy.
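The steps from the replies above, written out as FortiOS CLI. This is an added example, not part of the original posts; the port `10443`, group `ssl-vpn-users`, address object `LAN-subnet`, policy name and LAN interface name `internal` are assumptions to replace with your own values.

```fortios
# Added example. Port, group, address object, policy name and LAN
# interface name are assumed values, not taken from the thread.

# 1. Listen for SSL VPN on both WAN interfaces.
config vpn ssl settings
    set source-interface "wan1" "wan2"
    set source-address "all"
    set port 10443
    # Map the user group to a portal in the SSL VPN settings.
    config authentication-rule
        edit 1
            set groups "ssl-vpn-users"
            set portal "full-access"
        next
    end
end

# 2. Allow authenticated tunnel users to reach the LAN.
#    Traffic arrives on the tunnel interface (ssl.root), not on
#    wan1 or wan2, so no wan1-to-LAN policy is required.
config firewall policy
    edit 0
        set name "sslvpn-to-lan"
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "all"
        set dstaddr "LAN-subnet"
        set groups "ssl-vpn-users"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end
```

Scoping `dstaddr` to the LAN subnet and naming the group in the policy keeps LAN access limited to authenticated VPN users, which preserves the intent of having no WAN1-to-LAN policy.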
Hello,
I know the post is pretty old.
I want to implement the same. I have had VPN SSL running on wan2 for a few years already. Now I have decided to create an additional VPN interface on wan1.
I added wan1 in SSL-VPN Settings - Listen on Interface. Unfortunately it is not enough. Using the same user name I can connect to the existing wan2, but not to wan1.
My software version is v6.0.3 on a FortiWiFi 60D.
What am I missing?
Thank you in advance.