Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
firas
New Contributor II

Created on ‎06-30-2023 06:57 AM

VPN Cisco Anyconnect using Fortigate 200F

Hello all,

I'm using the Fortigate 200F with firmware version 7.2.5.
I want to enable the Cisco Anyconnect remote access VPN using my current fortigate firewall.

I'm asking if there is any tutorials or KBs to help me with the steps for this project.

 

Many thanks,

Labels:
3143
0 Kudos
1 Solution
pminarik
Staff
Staff

Created on ‎07-03-2023 05:04 AM Edited on ‎07-03-2023 05:04 AM

Are we talking SSL-VPN or IPsec? In either case, the answer is most likely "no".

 

SSL-VPN: This has no standard/RFC, so as a rule of thumb you should always assume no compatibility between vendors, unless explicitly confirmed by either side. (And as far as I know, this is the case here too)

 

IPsec: IPsec is mostly standardized, and there is even a "Dialup - Cisco IPsec Client" wizard template in FortiOS GUI. However, the last time I've heard about this, this teplate supposedly only works with some old/outdated Anyconnect versions, and new/current Anyconnect clients are reportedly incompatible with general third-party solutions due to some vendor-specific proprietary attributes used by Anyconnect and ASA.

[ corrections always welcome ]

View solution in original post

3061
4 REPLIES 4
adambomb1219
SuperUser
SuperUser

Created on ‎06-30-2023 09:43 AM

Why?  Why not use FortiClient?  FortiClient has a free option (without TAC support).  Cisco Secure Client requires Essentials or Advantage licensing.

3121
0 Kudos
firas
New Contributor II
In response to adambomb1219

Created on ‎07-03-2023 04:55 AM

I'm using the ASA-5515 in my old system, and as upgrade I'm switching to the Fortigate 200F. Regarding the budged, ZTNA will be implemented in 2024, so that's why I will use the anyconnect solution for the moment. 

3065
0 Kudos
adambomb1219
SuperUser
SuperUser
In response to firas

Created on ‎07-05-2023 07:51 AM

ZTNA?  Why not use FortiClient for now?  This is not going to be possible.  Your version of AnyConnect for the 5515 is probably EOL by now anyways.

3019
pminarik
Staff
Staff

Created on ‎07-03-2023 05:04 AM Edited on ‎07-03-2023 05:04 AM

Are we talking SSL-VPN or IPsec? In either case, the answer is most likely "no".

 

SSL-VPN: This has no standard/RFC, so as a rule of thumb you should always assume no compatibility between vendors, unless explicitly confirmed by either side. (And as far as I know, this is the case here too)

 

IPsec: IPsec is mostly standardized, and there is even a "Dialup - Cisco IPsec Client" wizard template in FortiOS GUI. However, the last time I've heard about this, this teplate supposedly only works with some old/outdated Anyconnect versions, and new/current Anyconnect clients are reportedly incompatible with general third-party solutions due to some vendor-specific proprietary attributes used by Anyconnect and ASA.

[ corrections always welcome ]
3062
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.