Hi,
I need to set up scheduled SSL VPN access for some users. Created separate groups, separated schedule, applied to the firewall policy...
But, if for example i restart the firewall, and the scheduled time is expired for that user:
- the user can connect to vpn, but traffic is not passing - that is OK
- I set the new sceduled end time to end for expample 5 minutes from now and the connected user get the traffic going - that is OK.
- when the time expires, the user still have full access - that is NOT OK
- disconnect and reconnect the user and he stillhas access - that is NOT OK
- even after half hour of the expired time the user can still connect and has access...
What I noticed is that the client has to be disconnected for some time after the schedule end to enforce the right time.
Is that a supposed behavior? What am I doing wrong?
This done on a Fortigate 100D with V4.0 MR3 Patch 18.
Thanks for the uesfull responses.
Cristian
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
which policy have you put the schedule on?, vpn or inbound?
Tried on all, the problem is as I nailed a bit, that the client has to be disconnected after the end time of the schedule to enforce it, like a minute or so, if less he can reconnect and gain all the access.
##Edit##
Seems that this is a Bug present in all of the current version. Still working with support for the issue.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.