Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

SSL VPN for 2 possible incoming Ports: Setup an static IP-address


I have a brain-damaging situation ;) and maybe someone out there has a good idea.

We have a Master/Slave Fortigate setup. 

On each Fortigate, we have 2 uplinks, which may contain the uplink because of redundant BGP setup behind.

I now have the problem:

- Do I assign Port 1 for the first BGP uplink to the SSL gateway, it would not work, if Port 1 is down and Port 2 is up

- Same here, assigned Port 2, is the same, as with Port 1

- I would need to assign an ip-address on both ports. So I could enable both ports for the SSL VPN gateway. VRRP would not work, because both are active and up because the routers behind are, too

We need it, that are staff can login to the VPN, not using different hosts / IP

please, no DNS Stuff with refresh/TTL, this is not the kind we use to fix the problem ;)

Any help would be nice




Community Manager
Community Manager

Hello Secucard,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Anthony-Fortinet Community Team.
Esteemed Contributor III

How about putting both IPs in the FortiClient settings like below? The user doesn't have to know which is up.


Top Kudoed Authors