SSL VPN with FortiClient
Hello All,
After a little help from those much smarter than myself. We are looking at SSL VPN through FortiClient (there are reasons we cannot go to IPSec just yet).
We have configured SSL VPN and that works fine in "web mode": we can access local LAN resources and internet services. However, when we enable just tunnel mode and use FortiClient, we lose access to local LAN resources; internet services are fine.
The policy rule looks like this:
d-fwivfo_a (d-vdom1) # show firewall policy "3"
config firewall policy
    edit 3
        set name "allow SSL VPN access"
        set uuid d3819b0c-448c-51ef-8bfc-42a0334bb27b
        set srcintf "ssl.d-vdom1"
        set dstintf "dev-trust"
        set action accept
        set srcaddr "SSLVPN_TUNNEL_ADDR1"
        set dstaddr "production servers"
        set schedule "always"
        set policy-expiry enable
        set policy-expiry-date 2024-08-17 10:35:00
        set service "ALL"
        set groups "LU IPSec VPN"
    next
end
So not completely sure what we are doing wrong?
We are using 100Fs running 7.4.4.
Any help appreciated.
Labels: FortiClient, SSL-VPN
Created on 07-17-2024 10:47 PM Edited on 07-17-2024 10:48 PM
Hello @sdawson35 ,
Your rule configuration seems correct. Maybe the problem is your SSL VPN configuration.
Which did you pick in the split tunnel configuration (Disabled, Enabled Based on Policy Destination, or Enabled for Trusted Destinations)?
If it is possible, can you share the SSL VPN configuration with us?
NSE 4-5-6-7 OT Sec - ENT FW
