Hello,
I can restrict it to one single CONNECTION FortiClient IPSec per user?
If I create the user "Operator1" this can connect with 20 pc, 20 tablet....I would limit it to one single session\device .
Thank you
emnoc wrote:yes you have that option under the portal
set limit-user-logins enable
when enabled it allows one login ONLY
Under the portal? by cli?
a) for SSLVPN via portal:
config vpn ssl web portal
edit <portal_name_str>
set limit-user-logins {enable | disable}
this will only allow one login via SSLVPN per user (if enabled)
b)
config system global
set policy-auth-concurrent {integer} if > 0, will only allow so many concurrent logins. This applies to identity based policies or portals only.
c) IPsec VPN
there is no way to restrict traffic from multiple source addresses. You can enable user authentication in the policy from <tunnel> to <internal> to use option b) above.
there is no way to restrict traffic from multiple source addresses.
FWIW for ipsec
Depending on radius vendor you have various controls for restriction of multiple clients access based on radius updates and account start/stop records.
Ken
PCNSE
NSE
StrongSwan
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.