Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jimmy10
New Contributor II

Created on ‎05-02-2024 03:16 AM

2 separate SSLVPNs with 2 separate SSL certificates

Hi,

 

I am trying to figure out if I can setup 2 separate SSLVPNs with 2 separate SSL certificates, but I am getting nowhere.

Is this possible?

Labels:
223
0 Kudos
1 Solution
ebilcari
Staff
Staff
In response to jimmy10

Created on ‎05-02-2024 06:48 AM

Than the only possible way as also suggested previously is to use a single certificate with multiple SAN. This can be easily done in a private CA but for public signed certificates it may be difficult to get.

SANs.PNG

In case you need separate SSL VPN configurations, you could also use VDOMs. It allows individual SSL VPN configurations for each VDOM in the FGT.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

170
4 REPLIES 4
funkylicious
SuperUser
SuperUser

Created on ‎05-02-2024 04:09 AM

Hi,

As far as I know, you cannot defined 2 different certificate under the SSLVPN settings.

What you can do, is defined within the certificate 2 SANs resolving in the same IP address of the FGT listening on SSLVPN.

 

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiGate-HTTPS-SSL-Certificate-Installati...

geek
geek
198
ebilcari
Staff
Staff

Created on ‎05-02-2024 04:53 AM

Are you trying to configure two completely different SSL VPN using two different public IPs and Domains (URL) or just need two URL and certificates pointing on the same SSL VPN IP/interface?

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
187
jimmy10
New Contributor II

Created on ‎05-02-2024 06:16 AM

Hi ebilcari,

I just need two URL and certificates pointing on the same SSL VPN IP/interface.

177
0 Kudos
ebilcari
Staff
Staff
In response to jimmy10

Created on ‎05-02-2024 06:48 AM

Than the only possible way as also suggested previously is to use a single certificate with multiple SAN. This can be easily done in a private CA but for public signed certificates it may be difficult to get.

SANs.PNG

In case you need separate SSL VPN configurations, you could also use VDOMs. It allows individual SSL VPN configurations for each VDOM in the FGT.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
171
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.