- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Multiple VRF Aware Remote Access SSL VPN Tunnels - Fortigate
Hello
Please can you let me know if it is possible to create multiple remote access SSL VPN Tunnels (vrf aware). I have two LAN interfaces (subnet overlap) in separate VRFs. I want 2 ssl.root interfaces so that I can add VRF information.
Is this supported ?
Thanks
Solved! Go to Solution.
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We cannot create multiple ssl.root interface on fortigate or in single vdom. Even if we select multiple physicals interface in ssl vpn setting still it shows only on ssl.root interface.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
We cannot create multiple ssl.root interface on fortigate or in single vdom. Even if we select multiple physicals interface in ssl vpn setting still it shows only on ssl.root interface.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I don't think it is possible to create two ssl.root interfaces in the same vdom. Also for VRF support in the SSLVPN, all the interfaces should belong to the same vrf. So this will not work for multi-VRF: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Implementing-VRF-based-SSL-VPNs/ta-p/21361...
So one solution is multivdom setup
Why do you have the same subnets in different VRFs?
Created on 07-29-2024 11:41 PM Edited on 07-29-2024 11:42 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Thanks for your response. There was a subnet overlap during migration within a brownfield environment. Hopefully over time dedicated subnets would be assigned.