I have two WAN interface - wan1 and wan2.
SSLVPN is Listen on Interface wan1.
How do I setup the redundancy of sslvpn ? Only add WAN2 on Listen interface ?
Sorry I cannot do the experiment, cuz my Fortigate 200D is on production.
Thank you.
Solved! Go to Solution.
Welcome to the forums.
For SSL VPN, I believe you simply create the appropriate policies and static router entries and you're good to go. Unlike IPSec VPN, SSL VPN isn't tied down by IP address on the way in, so policy alone should be good enough.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Don't forget the client side needs two separate profiles and the user manually need to choose one over the other.
To me it's pretty safe to test (adding wan2 and test SSL VPN into wan2) on the live unit without affecting to any other services including existing SSL VPNs via wan1. But if you're super careful (I wish I were), you might want to set a maintenance window and do the testing.
Welcome to the forums.
For SSL VPN, I believe you simply create the appropriate policies and static router entries and you're good to go. Unlike IPSec VPN, SSL VPN isn't tied down by IP address on the way in, so policy alone should be good enough.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Sorry I am not good at Fortigate...
Could you describe more detail about how to create the policies and static route for "sslvpn redundancy" ?
In policy :I have SSL-VPN tunnel interface(ssl.root)-LAN
In static route : I have destination route only
Very appreciate !
Don't forget the client side needs two separate profiles and the user manually need to choose one over the other.
To me it's pretty safe to test (adding wan2 and test SSL VPN into wan2) on the live unit without affecting to any other services including existing SSL VPNs via wan1. But if you're super careful (I wish I were), you might want to set a maintenance window and do the testing.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1788 | |
1119 | |
768 | |
447 | |
242 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.