Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
SecurityPlus
Contributor II

Created on ‎09-03-2018 10:50 PM

Security Rating - Interface Classification - SSL-VPN tunnel interface (ssl.root)

I'm working on a 60E FortiGate firewall that was recently upgraded to 6.0.2. When I run the Security Rating it says that all interfaces should be classified as LAN, WAN, or DMZ. We have an interface SSL-VPN tunnel interface (ssl.root) that is not classified. What classification should this interface have, LAN, WAN, or DMZ? How is this classification set?

11029
0 Kudos
3 REPLIES 3
SecurityPlus
Contributor II

Created on ‎09-04-2018 11:20 PM

Does anyone have a suggestion as to how to respond to the security ratings issue?
6632
0 Kudos
jim3cantos
New Contributor III
In response to SecurityPlus

Created on ‎12-16-2019 05:20 AM

SecurityPlus wrote:
Does anyone have a suggestion as to how to respond to the security ratings issue?
Did you find out how to classify SSL-VPN tunnel interface (ssl.root)?

José Ignacio Martín Jiménez
José Ignacio Martín Jiménez
6629
0 Kudos
jim3cantos
New Contributor III
In response to jim3cantos

Created on ‎12-16-2019 05:28 AM

...further searching brought "WAN" as the "candidate" answer:

https://forum.fortinet.com/tm.aspx?m=158094

https://community.spiceworks.com/topic/2083065-fortigate-interface-role-for-ssl-vpn-tunnel-interface

 

José Ignacio Martín Jiménez
José Ignacio Martín Jiménez
6629
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.