Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
https://192.168.16.16:10443/proxy/http/192.168.0.250/would appear to be a private IP address. Just asking...
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Are you testing this from inside your network?Nope. I hoped that was clear in the earlier messages. I have Verizon FIOS. Their router runs 192.168.16.0/24 on the LAN side and runs a wireless network for our guests to have Internet access. The Fortigate sits with Wan1 on that network as 192.168.16.16 and 192.168.0.0/24 on the internal interface. So my 192.168.16.x address is outside the internal network, and https://192.168.16.16:10443 refers to Wan1 on the Fortigate. This gives our guests Internet access, keeps them off our private network, and doesn' t raise the issue of Verizon blaming any problems on the Fortigate router. FYI the Fortigate DHCP is off, and our SBS server at 192.168.0.250 does DHCP, DNS, WINS, and LDAP. I have IPSec VPN forwarded through the Verizon router and handled by the Fortigate. I have PPTP VPN forwarded through the Verizon router and through the Fortigate and handled by our server. But the Fortinet VPN client fails in Vista, I don' t like PPTP much, and my users often run into situations where a company firewall blocks their IPSEC and PPTP access and I' m hoping that an SSL VPN may work for them occasionally in those situations.
First of all, it is clear that SSL VPN works.That remains to be demonstrated. It' s not clear to me. I believe I' ve demonstrated that SSL VPN does not work if set up according to the Fortigate documentation.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
ORIGINAL: Jon Fleming I attempted to implement that. ssl.root is not a valid entry in the gateway of a route, but it is a valid device.You are correct. Was from the top of my head. Policy number 4 (here) should have the SSL-VPN action, not accept. Also, I left the tunnel IP range blank on the main page, and defined them in the advanced section of the user group. This allows me to filter access by user group.
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.