Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Cristian_Penco
New Contributor

Scheduled SSL VPN access

Hi,

 

I need to set up scheduled SSL VPN access for some users. Created separate groups, separated schedule, applied to the firewall policy...

But, if for example i restart the firewall, and the scheduled time is expired for that user:

- the user can connect to vpn, but traffic is not passing - that is OK

- I set the new sceduled end time to end for expample 5 minutes from now and the connected user get the traffic going - that is OK.

- when the time expires, the user still have full access - that is NOT OK

- disconnect and reconnect the user and he stillhas access - that is NOT OK

- even after half hour of the expired time the user can still connect and has access...

 

What I noticed is that the client has to be disconnected for some time after the schedule end to enforce the right time.

 

Is that a supposed behavior? What am I doing wrong?

 

This done on a Fortigate 100D with V4.0 MR3 Patch 18.

 

Thanks for the uesfull responses.

 

Cristian

2 REPLIES 2
Mark_Oakton
Contributor

which policy have you put the schedule on?, vpn or inbound?

Infosec Partners
Infosec Partners
Cristian_Penco
New Contributor

Tried on all, the problem is as I nailed a bit, that the client has to be disconnected after the end time of the schedule to enforce it, like a minute or so, if less he can reconnect and gain all the access.

 

##Edit##

 

Seems that this is a Bug present in all of the current version. Still working with support for the issue.

Labels
Top Kudoed Authors