Fortinet black logo

Administration Guide

Home FortiSASE Administration Guide

Remote VPN user identification

Remote VPN user identification

FortiSASE allows administrators to identify remote VPN users uniquely in internet and private access traffic logs, which is achieved by enabling these capabilities:

  • Adding support for unique SSL VPN IP address ranges per FortiSASE security PoP within the overall 100.65.0.0/16 range. Previously, SSL VPN IP address ranges were not unique between security PoPs.
  • Removing source NAT (SNAT) for remote VPN user traffic destined for secure private access hubs. By default, FortiSASE performs SNAT for such traffic.

For a new FortiSASE instance, this select availability feature is enabled, by default. To add support for this select availability feature to your existing FortiSASE instance, create a new ticket with FortiCare Support.

Note

Currently, as a select availability feature, if enabled the following is possible with your FortiSASE instance:

  • Data loss may be possible.
  • Resetting the instance may be required.

If your FortiSASE instance requires a reset, then the following next steps are required to resume normal operation:

  • Manual reconfiguration of settings.
  • Scheduled maintenance window to re-onboard remote users
Previous
Next

Remote VPN user identification

FortiSASE allows administrators to identify remote VPN users uniquely in internet and private access traffic logs, which is achieved by enabling these capabilities:

  • Adding support for unique SSL VPN IP address ranges per FortiSASE security PoP within the overall 100.65.0.0/16 range. Previously, SSL VPN IP address ranges were not unique between security PoPs.
  • Removing source NAT (SNAT) for remote VPN user traffic destined for secure private access hubs. By default, FortiSASE performs SNAT for such traffic.

For a new FortiSASE instance, this select availability feature is enabled, by default. To add support for this select availability feature to your existing FortiSASE instance, create a new ticket with FortiCare Support.

Note

Currently, as a select availability feature, if enabled the following is possible with your FortiSASE instance:

  • Data loss may be possible.
  • Resetting the instance may be required.

If your FortiSASE instance requires a reset, then the following next steps are required to resume normal operation:

  • Manual reconfiguration of settings.
  • Scheduled maintenance window to re-onboard remote users
Previous
Next