Fortinet black logo

SIA Agent-based Deployment Guide

Home FortiSASE SIA Agent-based Deployment Guide

Testing from a managed FortiClient endpoint for granular VPN policies configured on default profile

Testing from a managed FortiClient endpoint for granular VPN policies configured on default profile

If your user belongs to the Remote-Home-Office user group and you have configured the granular VPN policies on the default profile as Adding VPN policies to perform granular firewall actions and inspection describes, you can test these granular VPN policies as follows:

  1. Use the steps in the previous section to connect a user’s endpoint to the FortiSASE tunnel using FortiClient.
  2. From a web browser on the user’s endpoint, access www.fortinet.com.
  3. FortiSASE attempts to match the RemoteHomeOffice-DenyNetflix, but the traffic is not for *.netflix.com.
  4. Then, FortiSASE attempts to match the next VPN policy, the RemoteHomeOffice-AllowFortinet policy, which matches. FortiSASE allows the user access to www.fortinet.com.
Previous
Next

Testing from a managed FortiClient endpoint for granular VPN policies configured on default profile

If your user belongs to the Remote-Home-Office user group and you have configured the granular VPN policies on the default profile as Adding VPN policies to perform granular firewall actions and inspection describes, you can test these granular VPN policies as follows:

  1. Use the steps in the previous section to connect a user’s endpoint to the FortiSASE tunnel using FortiClient.
  2. From a web browser on the user’s endpoint, access www.fortinet.com.
  3. FortiSASE attempts to match the RemoteHomeOffice-DenyNetflix, but the traffic is not for *.netflix.com.
  4. Then, FortiSASE attempts to match the next VPN policy, the RemoteHomeOffice-AllowFortinet policy, which matches. FortiSASE allows the user access to www.fortinet.com.
Previous
Next