One of my customers is complaining they are able to connect to SSL VPN (SAML) from inside their network. Not sure why they're trying to do so but is there an easy way to block this from happening? I've tried running negate from the ssl vpn settings from RFC 1918 addresses but that did not work.
config vpn ssl settings set source-address-negate enable
Apparently this is not working. Folks can still connect to the SSL VPN from inside the Fortigate. They've been told not too and it defeats the purpose, but they don't listen. Has anyone been successful in blocking this ability?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.