Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BumbleBee
New Contributor

SSLVPN as a Proxy

Hi, We are using ssl-vpn to connect to the office and work on the office servers. Regular ssl-vpn work. My issue starts when I want to connect to my production servers. Until today I was connecting with ssl-vpn to the office, then I connected with RDP to my computer in the office, then from the office computer I was connecting to the production servers with RDP or SSH. I would like to skip the RDP within RDP connection. It' s annoying. What should I configure in the Fortigate 110C that I have in the office in order to use RDP directly from home to production using the ssl-vpn connection to the office ? I changed in " Firewall Objects" the " SSL_VPN" address so the user will receive one of the local IPs, and modified the SSL_VPN to LAN policy. I connected with SSL-VPN and I see in " Ipconfig" the new address which is the internal address. I see the office network, servers and computers. But I still cannot reach the production servers (no Ping, no RDP). BTW, we connect from the office to the production with S2S VPN. Your help is appreciated. Thanks
1 REPLY 1
rwpatterson
Valued Contributor III

My opinion, keep the SSL VPN subnet unique from the inside IP subnet. If the two are the same, you cannot route since the SSl VPN is an interface. Once the tunnel is established, as long as the proper policy is in place you should be able to get to any server inside your network as though you were sitting at your desk at work. I connect to my home FGT via SSL VPN and can reach any machine on any network that I need to manage from one location because the right routes, tunnels and policies are in place.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

Bob - self proclaimed posting junkie!See my Fortigate related scripts at: http://fortigate.camerabob.com
Labels
Top Kudoed Authors