Hi
I would like to configure Fortigate for always-up VPN connectivity like Direct Access with the VPN being initiated before the user has logged on to the laptop. Either secured by a valid certificate issued individually to each machine from our internal CA (we already issue certs for corporate wireless access so using the same computer cert would be helpful) or using Windows credentials + eventually some form of second factor. Of course it should be secure, but also convenient for the end user. Does anyone know if this kind of scenario is supported?
And if yes, would you go down that road? I mean reagrding evntual issues with forticlient and installation of the same on Win10 machines.
TIA, Zoran
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
hope this helps https://video.fortinet.com/video/118/how-to-setup-always-up-auto-connect-vpn-with-forticlient-5-2
Fortigate Newbie
Hi
Tnx for quick answer, @Fullmoon!
I've seen that video, but the focus there is mostly on how do you configure xml profile, not is it possible to use machine certificate instead of AD username/password.
I am also wondering does this need additional licenses on Fortigate?
BR
Zoran
Hey Zoran,
I am actually in the same boat as you are and I also cannot seem to find any useful information in the guides or forums for this.
Did anyone get this resolved? I'm looking for the same info. Any help would be appreciated.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1709 | |
1093 | |
752 | |
446 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.