Deployment plan
This outlines the major steps to deploy this solution. Go to Deployment procedures for detailed configuration steps:
- Provision your FortiSASE instance and select the regions where your users will be located. Input licenses as needed. See Provisioning your FortiSASE instance.
- Configure users. See Configuring SSO SAML users and Configuring RADIUS users.
- Configure Secure Web Gateway policies to apply desired scanning and filtering for your users. See Configuring security profiles and SWG policies.
- Download the proxy autoconfiguration (PAC) file from the FortiSASE portal. Customize the file to exclude SSL VPN gateway and internal corporate networks. See Downloading and customizing the PAC file.
- Host the PAC file on an externally accessible server. See Hosting the custom PAC file.
- Configure proxy settings on endpoints to point to the PAC file. See Configuring proxy settings on endpoints.
- Modify your SSL VPN gateway to enable split tunneling. See Modifying your SSL VPN gateway to enable split tunneling.