Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pedropaolo
New Contributor

Restrict VPN Access to desregistered devices

In my environment, I have some endpoints that had FortiClient installed and were managed by EMS. From there, they retrieved the necessary VPN configurations to connect to the corporation's servers.

 

The users lost their license because they were not seen for a period longer than what is defined in EMS Settings > EMS license timeout. As a result, they are no longer being managed/monitored by FortiEMS.

 

Is there any way to block these users' access to the VPN? Or force them to rejoin EMS?




1 REPLY 1
sjoshi
Staff
Staff

Hi pedropaolo,

 

You can use MAC binding to filter the user that connects to the SSL VPN.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-client-MAC-binding-supported-platf...

https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-address-check-on-SSL-VPN-connections/t...

If you have found a solution, please like and accept it to make it easily accessible to others.
Fortinet Certified Expert (FCX) | #NSE8-003459
Salon Raj Joshi
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors