SMBv2 support
On all FortiGate models, SMBv2 is enabled by default for SSL VPN. Client PCs can access the SMBv2 server using SSL VPN web-only mode.
To configure SMBv2:
- Set the minimum and maximum SMB versions.
config vpn ssl web portal edit portal-name set smb-min-version smbv2 set smb-max-version smbv3 next end
- Configure the SSL VPN settings (see SSL VPN full tunnel for remote user).
- Configure the firewall policy (see Firewall policy).
- Connect to the SSL VPN web portal and create an SMB bookmark for the SMBv2 server.
- Click the bookmark to connect to the SMBv2 server.
- On the FortiGate, use package capture to verify that SMBv2 works: