Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Joe_Mohtady
New Contributor

Created on ‎09-11-2012 02:24 AM

RDP on SSL VPN Tunnel from Android

Hi, I am using forticlient on HTC android ver 4.0.4 ,I have succeded to connect ssl vpn and according to the monitor in the fortigate FW it gives my real IP and a subsession Tunnel IP " from assigned pool" ( Please find the attached), but i am not able able to connect to any thing on the internal network and there is nothing in the logs although I have created all the policies according to fortinet support . Note: I have an internal juniper F/W as second layer but there is nothing on it' s logs also Thank You
Preview file
71 KB
1150
0 Kudos
4 REPLIES 4
Carl_Wallmark
Valued Contributor

Created on ‎09-11-2012 02:32 AM

Hi and welcome, Have you also created a static route with something like: 172.23.1.0/24 -> ssl.root

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
891
0 Kudos
Joe_Mohtady
New Contributor

Created on ‎09-11-2012 02:54 AM

Yeah, I have created a static root with a destination ssl.root Gateway 0.0.0.0
891
0 Kudos
Carl_Wallmark
Valued Contributor

Created on ‎09-11-2012 03:42 AM

How does your policys look like ?

FCNSA, FCNSP
---
FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30B
FortiAnalyzer 100B, 100C
FortiMail 100,100C
FortiManager VM
FortiAuthenticator VM
FortiToken
FortiAP 220B/221B, 11C

FCNSA, FCNSP---FortiGate 200A/B, 224B, 110C, 100A/D, 80C/CM/Voice, 60B/C/CX/D, 50B, 40C, 30BFortiAnalyzer 100B, 100CFortiMail 100,100CFortiManager VMFortiAuthenticator VMFortiTokenFortiAP 220B/221B, 11C
893
0 Kudos
Joe_Mohtady
New Contributor

Created on ‎09-11-2012 04:28 AM

I have created all the scenarios now and it worked not sure which one was the missing, Policies: 1) from external to internal all --->all action ssl-vpn ssl tunnel pool------>all action accept 2) from internal to external all ---> SSL tunnel action accept 3) from ssl.root to internal all all 4) from external to ssl.root all all Thank You
893
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.