Is it possible to create multiple SSL VPN groups that have limited access to different networks?
AdminVPN Users able to get to systems and management
StandardVPN Users able to get to what systems they need but limited
and so on
Thanks
Hello CodeTron,
Yes, it is possible to create multiple SSL VPN groups that have limited access to different networks. Here's a general approach to achieving this:
User Groups: First, you need to create different user groups in FortiGate for each category of VPN users, such as AdminVPN Users and StandardVPN Users.
SSL VPN Configuration: Configure SSL VPN settings on the FortiGate appliance, including authentication methods (such as username/password, client certificates, etc.) and SSL VPN settings (IP address range, encryption settings, etc.).
VPN Portal Configuration: Set up VPN portals for each user group. VPN portals are customized web pages where users can log in and access VPN services. Each portal can have its own authentication settings and access controls.
Access Policies: Define access policies based on user groups. You can create firewall policies that allow or restrict traffic based on the source user group, destination networks, and services. For example:
User Authentication: Configure authentication methods for each user group. FortiGate supports various authentication methods, including local user database, LDAP, RADIUS, and more. You can assign different authentication methods to each user group based on your requirements.
Network Segmentation: Ensure that your internal network is properly segmented to restrict access based on user permissions. This may involve configuring VLANs, subnetting, and firewall rules within your internal network infrastructure.
By following these steps, you can create multiple SSL VPN groups in Fortinet with limited access to different networks based on user roles and permissions. This approach allows you to enforce security policies and control access to resources based on the specific needs of each user group.
Thank you.
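The group-to-portal mapping and per-group firewall policies described in this answer, as an added FortiOS CLI example that is not part of the original post. It assumes the portals `admin-portal` and `standard-portal` and the address objects `MGMT_NET`, `SERVER_NET` and `APP_NET` already exist, and that the internal interface is named `internal`; all names and members are placeholders.

```fortios
# Added example. Group members, portal names, address objects and the
# "internal" interface are assumed placeholders, not values from the thread.
config user group
    edit "AdminVPN"
        set member "admin1"
    next
    edit "StandardVPN"
        set member "user1"
    next
end
# Map each group to its own portal at login.
config vpn ssl settings
    config authentication-rule
        edit 1
            set groups "AdminVPN"
            set portal "admin-portal"
        next
        edit 2
            set groups "StandardVPN"
            set portal "standard-portal"
        next
    end
end
# One policy per group: the destination list is what limits each group.
config firewall policy
    edit 0
        set name "sslvpn-admin"
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "SSLVPN_TUNNEL_ADDR1"
        set dstaddr "MGMT_NET" "SERVER_NET"
        set groups "AdminVPN"
        set action accept
        set schedule "always"
        set service "ALL"
    next
    edit 0
        set name "sslvpn-standard"
        set srcintf "ssl.root"
        set dstintf "internal"
        set srcaddr "SSLVPN_TUNNEL_ADDR1"
        set dstaddr "APP_NET"
        set groups "StandardVPN"
        set action accept
        set schedule "always"
        set service "HTTPS"
    next
end
```

No policy pairs `StandardVPN` with `MGMT_NET`, so that traffic falls through to the implicit deny; check the result by logging in as a member of each group and confirming which destinations are reachable.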
Hello @CodeTron ,
You can apply this with a user group and a firewall policy. This way, your users access only the networks allowed in a policy over their SSL-VPN connection.