Please advise what else I can look in to if you have any ideas:
Issue: SSLVPN connection can access internal network, but cannot browse internet while connected via tunnel; web-access works.
Details: running 80F on 7.0.2 clients running Forticlient 7.0.1.0083
Firewall policies exist both inbound with NAT disabled and no inspection/policies currently
Split tunnel is purposefully disabled
SAML login with Azure works perfect
Tunnel and web access are enabled on coresponding portal/only web works
SSL Debug log
Configurations below
SSL Settings:
Interface Config:
Portal Config:
Firewall Policies:
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Unless I'm missing something, it looks to me like Source NAT isn't turned on for Policy 15, the SSL-VPN to Internet policy.
You're using a full-tunnel SSL-VPN (set split-tunneling disable), so all traffic is shuttled over the VPN in this case, but you still need to NAT your address from the private IP range used by your SSL-VPN to your externally-routable Public IP before going out to the Internet (I'm assuming this is all using IPv4 since that is more common to see right now).
Unless I'm missing something, it looks to me like Source NAT isn't turned on for Policy 15, the SSL-VPN to Internet policy.
You're using a full-tunnel SSL-VPN (set split-tunneling disable), so all traffic is shuttled over the VPN in this case, but you still need to NAT your address from the private IP range used by your SSL-VPN to your externally-routable Public IP before going out to the Internet (I'm assuming this is all using IPv4 since that is more common to see right now).
Thank you. Sometimes I just need someone to point out simple things Im over thinking apparently.
Enabled NAT on Outbound and tunnel is now operational.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1660 | |
1077 | |
752 | |
443 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.