Hey,
We got traformed from Sonics to Fortigates and have situation that we have two ISP's but we had configured only one ISP for our SSLVPN.
Looking for a solution where if my Primary ISP goes down would like use secondary ISP seamlless for SSLVPN users on user propsective
Is there any way we can configure on FortiGates for this solution ?
Hi @hianilz,
Yes, you can use list both WAN interfaces to listen for VPN connections. You can also use DDNS to connect to the VPN instead of IP address. Please refer to the following links:
https://community.fortinet.com/t5/FortiGate/Technical-Note-SSL-VPN-redundancy/ta-p/195760
https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-Redundancy/ta-p/189668
Regards,
I presume it is not possible, I have never had such experiences. Maybe my colleagues have another opinion - let's observe it together.
Since SSL-VPN is stateful, it can not seamlessly move to another ISP, Client will just terminate connection. If there is another option such like load-balancing for ssl.vpn virtual public interface - I don't think so (at least).
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.