Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AtiT
Valued Contributor

SSLVPN Multiple Interface Problem

Hello guys, I have a problem with SSLVPN and hope someone can help me. I need to test SSLVPN from 2 directions to get into the internal network (port2). According to the image below I need to realize the following: The firewall has 2 VDOMS: 1st (root) for management and 2nd for production. Management port is 1443 and the SSLVPN is set for port 443.

 

The SSLVPN is beeing set in the production VDOM - not the root VDOM.

The problem is that the SSLVPN connection is working only for port4 (Internet) connection only. I need to allow SSLVPN alos for the port1. I tried to allow port1 (or any) in the SSLVPN settings. It did not help. What I need to allow SSLVPN connection to the same IP address as from the Internet xxx.yyy.zzz.179 through port1. I also tried to set up a loopback IP address and create a VIP object for the xxx.yyy.zzz.180 -> loopback IP but still no success. Always the error: The server may be unreachable. (10%). Is it possible to set up this topology? note: When I allowed port1 in SSLVPN settings I was not able to access the SSVLPN on https://192.168.222.1/ I can imagine that the connection from port1 to port4 is not working for same reason (for example NAT etc.) but the https://192.168.222.1/ should work. Some comments?

 

 

FortiOS 5.2.3.

AtiT

AtiT
1 REPLY 1
rob_cart
New Contributor

i had this issue...found the answer here

 

http://kb.fortinet.com/kb/documentLink.do?externalID=FD36218

 

Labels
Top Kudoed Authors