How do I allow access only for specific hosts or subnet on a LAN to a particular SSL VPN Portal? I notice the settings under SSL-VPN Settings 'Limit access to specific hosts'. I think changes here will affect all Portals?
Thanks in advanced.
I haven't tested to make sure my theory but I think what routes are injected into a client device's routing table for split-tunneling is decided by "set split-tunneling-routing-t address ADDR_OR_ADDRGRP_OBJECT" (at least with 5.6.x) under a portal config.
Then in addition, you can further limit it by the destination address of the ssl.root->internal_interface policy. Regularly we match both to be the same.
User | Count |
---|---|
2551 | |
1356 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.