Hello everyone,
In the topic of the new vulnerability CVE 2023 27997 affecting FortiOS VPN SSL, I'm very interresting to monitor access to the vpn ssl web portal. Can exist a configuration on the FortiOS running the sslvpnd daemon to log web access request to the vpn ssl web portal ? For example, I need equivalent to webserver log with source address / method / uri / scheme / response code etc ...
With this topic, I will happy to help the community to fine tunning the log configuration to monitor current and, possible future vulnerability on the vpn ssl web portal.
Regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Nawhack,
You can view the source information of the user in Logs&Reports>>Events>>VPN events. However not all the mentioned things but it might give you some idea.
Please go through the below link for reference
https://community.fortinet.com/t5/FortiGate/Technical-Tip-View-historic-SSL-VPN-user-connectivity-lo...
Regards
Nagaraju.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.