Heyoo,
We have a stock "full-access" portal we use that enables split tunneling. We have a single user that has an application on her laptop that much appear to come from within our network in order to work. All I am trying to do is create another portal, just for her, that disables split tunneling.
Portal is created..no problem.
I create a new SSL VPN firewall policy specifying the user and info and authentication rule specifying the SSL portal to use and I am unable to save it without error about range not valid...
Is this the correct procedure to do this? I'm following the cookbook for 5.0.7 and I thought it was pretty staightforward but I guess not. All I want is a second portal for a single user that doesn't use split tunneling.
Thanks!
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Are you sure Local Interface is wan1? Generally that's LAN side. Take a look at the existing polity.
I don't remember exactly how 5.0 SSL VPN config looked like since they changed quite a bit w/ 5.2, which we're current running. Based on the error message you described, looks like it doesn't like another portal referred by another policy with different set of users is sharing the same IP pool with the original one. Try assigning a different pool without overlapping.
Are you sure Local Interface is wan1? Generally that's LAN side. Take a look at the existing polity.
Doh! That was it...what a bonehead I am sometimes. I had the incoming interface as ssl.root and local interface as Wan1 (gee..that makes perfect sense...NOT) but it should have been Wan1 for incoming and LAN as local.
Works now - thanks Toshi!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.