Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
yennal
New Contributor

Created on ‎09-29-2023 01:19 AM

configure vpn ssl in my home

hi

 

I have a virtualised firewall at home with a private network 192.168.0.0/24 like everyone else who has an internet contract.

 

I want to set up a ssl vpn in my house.

 

I have not bought a public ip I want to be able to do it without buying it.

 

Kind regards

Labels:
610
0 Kudos
6 REPLIES 6
xshkurti
Staff
Staff

Created on ‎09-29-2023 01:32 AM

@yennal 
As per this moment there is no way to do that.
You need a public IP so that your clients know where to connect, or how to reach out to your FortiGate.

600
0 Kudos
yennal
New Contributor
In response to xshkurti

Created on ‎09-29-2023 01:38 AM

hi

I have not bought the public ip but I do have a public ip associated to my network because I have contracted an isp and they provide me with internet access but I cannot configure that public ip in the firewall and I want to know how to redirect the incoming ssl traffic from that public ip of the isp (for example Telefonica) to my private network.

 

 

596
0 Kudos
xshkurti
Staff
Staff

Created on ‎09-29-2023 02:08 AM

@yennal 
This redirection is done only by ISP that will allow a specific por to be sent to your private IP.

Saying that, all requests that go to ISPs public IP on port X (for example on port 15443) will be redirected to your private IP.
You can ask them to allocate one specific port for you, and you can then configure SSLVPN to use that particular port.

569
0 Kudos
kaman
Staff
Staff

Created on ‎09-29-2023 02:11 AM

Hi yennal,

 

I understand that you are using an internet network from an ISP but you do not have public IP provided by ISP.

 

Now in this situation, if the upstream ISP is providing fix/static public IP for your network you can ask the ISP to do the one-to-one IP NAT from their end.

 

From the firewall end, we do not have any control on public IP provided by ISP. For SSL VPN to work the traffic should hit the firewall on sslvpn listening interface and ssl vpn port. The IP available on the firewall interface is in the range 192.168.0.0/24, which is a private IP and not routable on the Internet. You can validate with your ISP if they can provide you with a static IP and if they can do NAT for you so that you will use that IP for SSLVPN.

 

Kind Regards

567
0 Kudos
hbac
Staff
Staff

Created on ‎09-29-2023 06:43 AM

Hi @yennal,

 

You can ask your ISP to perform port forwarding to forward traffic on SSLVPN port for example (10443) to your internal IP address. 

 

Regards,

538
0 Kudos
Rajan_kohli
Staff
Staff

Created on ‎09-30-2023 07:00 AM

Hi @yennal,

 

You can connect your ISP directly to your modem rather than via modem provided by your ISP.

 

Regards

Rajan

Rajan Kohli
518
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.