How to create a FortiGate SSL VPN

SSL VPN gives remote users access to the corporate network: they connect over the Internet to the corporate FortiGate unit using an SSL VPN client. During the connection phase, the FortiGate unit also verifies that the remote user’s antivirus software is installed and current…

Step 1. Create an SSL VPN portal for remote users

Go to VPN > SSL > Portals

Step 2. Create a user and a user group

Go to User & Devices > User > User Definition

Step 3. Add an address for the local network

Go to Policy & Objects > Objects > Addresses

Step 4. Configure SSL VPN tunnel

Go to VPN > SSL > Settings and set Listen on Interface(s) to wan1 (i.e. the outside interface)

Step 5. Add security policies for access to the internet and internal network

Go to Policy & Objects > Policy > IPv4

Step 6. Set up the FortiGate unit to verify that users have current antivirus software

Go to System > Status > Dashboard

In the CLI Console, type:

    config vpn ssl web portal
        edit full-access
            set host-check av
    end

Step 7. Verify Results

In your browser, go to https://x.x.x.x (the IP of the external interface, wan1)

Log into the portal using the credentials you created in Step 2

Go to VPN > Monitor > SSL-VPN Monitor

Go to Log & Report > Traffic Log > Forward Traffic
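To confirm that the Step 6 host check is set on every portal and not only on full-access, a saved configuration backup can be audited offline. The script below is an added example, not part of the original guide or Fortinet tooling; the sample configuration, the "web-access" portal and the function names are constructed for illustration, and av-fw is treated as passing because that FortiOS host-check value also includes the antivirus check.

```python
import shlex
PORTAL_TABLE = "vpn ssl web portal"
AV_CHECKS = {"av", "av-fw"}  # host-check values that include the antivirus check

# Constructed sample in FortiOS backup syntax. Only the "full-access" portal and
# "set host-check av" come from the page; every other line is illustrative.
SAMPLE_CONFIG = """\
config vpn ssl web portal
    edit "full-access"
        set host-check av
        config bookmark-group
            edit "gui-bookmarks"
            next
        end
    next
    edit "web-access"
        set web-mode enable
    next
end
"""

def portal_host_checks(config_text):
    """Map each SSL VPN portal name to its host-check value (None if unset)."""
    portals, stack = {}, []  # stack holds the currently open config/edit frames
    for raw in config_text.splitlines():
        try:
            tokens = shlex.split(raw, comments=True)
        except ValueError:  # unbalanced quote, e.g. part of a multi-line value
            tokens = []
        word, *args = tokens or [""]
        in_portal = stack[-2:-1] == [("config", PORTAL_TABLE)] and stack[-1][0] == "edit"
        if word == "config":
            stack.append(("config", " ".join(args)))
        elif word == "edit" and args:
            if stack and stack[-1] == ("config", PORTAL_TABLE):
                portals.setdefault(args[0], None)
            stack.append(("edit", args[0]))
        elif word == "next" and stack and stack[-1][0] == "edit":
            stack.pop()
        elif word == "end":  # also closes an edit left open without "next"
            while stack and stack.pop()[0] != "config":
                pass
        elif word == "set" and in_portal and args[:1] == ["host-check"] and len(args) > 1:
            portals[stack[-1][1]] = args[1]
    return portals

def portals_without_av_check(config_text):
    """Return sorted names of portals that do not enforce the antivirus check."""
    return sorted(n for n, v in portal_host_checks(config_text).items() if v not in AV_CHECKS)
```

Any portal name returned by portals_without_av_check accepts logins without the antivirus verification, so users mapped to it bypass the control configured in Step 6.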

Reference: Keith Leroux