Configuring the SSL VPN tunnel

  1. To configure the SSL VPN tunnel, go to VPN > SSL-VPN Settings.
  2. Set Listen on Interface(s) to wan1. To avoid port conflicts, set Listen on Port to 10443.
  3. Set Restrict Access to Allow access from any host.

    Optionally, set Restrict Access to Limit access to specific hosts and specify the addresses of the hosts that are allowed to connect to this VPN.

  4. In the example, the Fortinet_Factory certificate is used as the Server Certificate. To ensure that traffic is secure, you should use your own CA-signed certificate. For more information about using certificates, see Preventing certificate warnings (CA-signed certificates).
  5. Under Tunnel Mode Client Settings, set IP Ranges to use the default IP range SSLVPN_TUNNEL-ADDR1.

  6. Under Authentication/Portal Mapping, click Create New to add the Employee user group and map it to the full-access portal.
  7. If necessary, map a portal for All Other Users/Groups.
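
The following check is an added example, not part of the original cookbook or Fortinet's tooling: it reads the CLI form of these settings from a configuration backup and flags the two choices the steps above mark as worth tightening (the factory certificate and access from any host). The sample configuration is constructed to mirror the steps, and the replacement names a hardened configuration would use are assumptions.

```python
import shlex

# Constructed sample: CLI form of the GUI steps above. Key names are FortiOS CLI
# settings; the values mirror the page and are not taken from a real device.
SAMPLE_CONFIG = """
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set tunnel-ip-pools "SSLVPN_TUNNEL-ADDR1"
    set port 10443
    set source-interface "wan1"
    set source-address "all"
    config authentication-rule
        edit 1
            set groups "Employee"
            set portal "full-access"
        next
    end
end
"""

def parse_ssl_settings(config_text):
    """Collect top-level 'set' lines of the 'config vpn ssl settings' block."""
    settings, depth = {}, 0
    for raw in config_text.splitlines():
        line = raw.strip()
        if depth == 0:
            depth = 1 if line == "config vpn ssl settings" else 0
        elif line.startswith("config "):
            depth += 1          # nested table, e.g. authentication-rule
        elif line == "end":
            depth -= 1
            if depth == 0:
                break
        elif depth == 1 and line.startswith("set "):
            _, key, *values = shlex.split(line)
            settings[key] = values
    return settings

def audit(settings):
    """Flag the two settings the steps above call out as worth tightening."""
    findings = []
    if "Fortinet_Factory" in settings.get("servercert", []):
        findings.append("servercert: factory certificate, replace with a CA-signed one")
    if "all" in settings.get("source-address", []):
        findings.append("source-address: any host may connect, limit to specific hosts")
    return findings

if __name__ == "__main__":
    for finding in audit(parse_ssl_settings(SAMPLE_CONFIG)):
        print(finding)
```

Run against a real backup by passing the file's text to parse_ssl_settings in place of SAMPLE_CONFIG.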
