Configuring the SSL-VPN
To configure the SSL-VPN:
- On the FortiGate, go to VPN > SSL-VPN Portals, and edit the full-access portal.
- Go to VPN > SSL-VPN Settings.
- Assign the LDAPgroup user group to the full-access portal, and assign All Other Users/Groups to the desired portal. Select Apply.
- Select the prompt at the top of the screen to create a new SSL-VPN policy, including the LDAPgroup, as shown.
Disable Split Tunneling.
Under Connection Settings set Listen on Port to 10443
.
Under Tunnel Mode Client Settings, select Specify custom IP ranges and set it to SSLVPN_TUNNEL_ADDR1.
Under Authentication/Portal Mapping, select Create New.