Hi, I'm working with a FGT300C running v5.0,build0305 (GA Patch 10). I'm
trying to restrict access to one of the IPSec dialup VPN's on the box to
specific source IP's. I have created a Address Group with the source
IP's, associated with the VPN inter...
Hi,Here is the scenario: - I have a site-to-site IPSec tunnel between
two 60D's which carry video in the tunnel - I have the following
policies setup on the sending unit: 1) internal to VPN
(Encoder_local_LAN to Decoder_remote_LAN ALL) 2) VPN to inte...
Greetings, I have a 60C which has been in production for several months
running v5.0,build0305 (GA Patch 10). This morning, while
troubleshooting an IPSec issue on the unit, I noticed the SSL VPN portal
is no longer accessible. After digging deeper, ...
Hi,I have a 300C with an interface facing my ISP. On that interface I
have several public IPs. I have remote admin access and SSL VPN enabled.
I would like to access both the SSL VPN and admin GUI from the outside -
currently the VPN portal responds ...
I ended up using SSL VPN which works with a source IP Group. It also
allows for the use of a CLI based Linux client, which turned out to be a
requirement.
tanr wrote:Do all your other VPN's on that interface have distinct IPs?
If so, you could still specify the physical interface as the intf and
separate out the VPN's by dstaddr. Other than that I don't really have
other suggestions. The way local-in-p...
tanr wrote:What is the interface (intf) you're specifying as your VPN
interface?I believe it needs to be the actual physical interface your
vpn interface is on, not the vpn interface object itself. If that works
then you'll want to make the accept an...
If you mean specifying the source IP group under the IPv4 policy as the
source address, I've tried that. Although it stops access to the
destination subnets, it still allows any public IP to connect to the
VPN, it just doesn't route the traffic. I'm ...
