Hi, we Have a F600E, which is the single main router, firewall and DHCP server to a single LAN. What we want is when a group of VPN clients connect with FortiClient VPN to this device and network, they should only be able to communicate with one machine in that LAN, which is a file server. We don't want VPN connected clients to have access to any other local machines in that network.
How can we achieve this ? Thanks
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @d3xmeister ,
You can achieve this request with a firewall policy. You can configure a firewall policy with your user group and allow access to the File server. For example, if you configure a policy like this, you can give access users to the file server.
Source Interface: SSL.root
Destination Interface: <File_Server_Network_Interface>
Source: ssl.vpn.ip.pool -- User group
Destination: <File server IP>
Service: SMB-FTP-SFTP ( You can add or remove services as related to your file server service)
Hello @d3xmeister ,
You can achieve this request with a firewall policy. You can configure a firewall policy with your user group and allow access to the File server. For example, if you configure a policy like this, you can give access users to the file server.
Source Interface: SSL.root
Destination Interface: <File_Server_Network_Interface>
Source: ssl.vpn.ip.pool -- User group
Destination: <File server IP>
Service: SMB-FTP-SFTP ( You can add or remove services as related to your file server service)
I haven't tried this solution yet, but sounds logical that this would work, Thank you
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.