Flyshuffle
New Contributor

Restrict access from different hosts for different portals

Hello Everyone,

This is on a FG200D running firmware 5.2.3.

I want to set up multiple SSL VPN portals on the same Fortigate device, but have different host restrictions for each portal.

I can set up the different portals and realms easy enough, but I have found that the "limit access to specific hosts" setting is global for all SSL VPN portals. I would like to have different settings for different portals.

For example, have https://my.vpn.address/customer1 be restricted to customer1's IP address, and https://my.vpn.address/customer2 be restricted to customer2's IP address.

Going to SSL > Settings I see the restrict access options, but setting something there would apply to both customer1 and customer2, correct? I didn't see any obvious way to do this from the CLI or with a policy (i.e. ssl.root > network.)

Does anyone know how I could accomplish restricting different portals to different hosts?

Thanks!

rwpatterson
Valued Contributor III

Just restrict in the policy. Use separate IP networks for the incoming traffic, and the policy will determine where they can go based on their IP address (supplied by the portal credentials).

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com
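
A sketch of the layout the reply describes, added here as an example and not posted by either forum participant: each portal hands tunnel-mode clients an address from its own pool, and one ssl.root policy per pool decides where those clients can go. The object names, address ranges, user groups, the `internal` interface and the `customer1_servers` / `customer2_servers` destination objects are all constructed placeholders assumed to exist on the unit.

```fortios
# Constructed example; every name and address below is a placeholder.
config firewall address
    edit "pool_customer1"
        set type iprange
        set start-ip 10.212.1.10
        set end-ip 10.212.1.50
    next
    edit "pool_customer2"
        set type iprange
        set start-ip 10.212.2.10
        set end-ip 10.212.2.50
    next
end
# Each portal assigns tunnel clients an address from its own pool only.
config vpn ssl web portal
    edit "customer1"
        set tunnel-mode enable
        set ip-pools "pool_customer1"
    next
    edit "customer2"
        set tunnel-mode enable
        set ip-pools "pool_customer2"
    next
end
# One policy per pool: the source address ties the rule to a single portal.
config firewall policy
    edit 0
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "pool_customer1"
        set dstaddr "customer1_servers"
        set groups "grp_customer1"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    edit 0
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "pool_customer2"
        set dstaddr "customer2_servers"
        set groups "grp_customer2"
        set action accept
        set schedule "always"
        set service "ALL"
    next
end
```

The pools apply to tunnel-mode sessions; keeping the two ranges non-overlapping is what lets the policies tell the portals apart.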