CLI Reference

vpn ssl web user-group-bookmark

Use this command to add bookmarks that will appear on the SSL VPN web portal for all of the users in a user group.

config vpn ssl web user-group-bookmark
    edit {name}
    # Configure SSL VPN user group bookmark.
        set name {string}   Group name. size[64] - datasource(s): user.group.name
        config bookmarks
            edit {name}
            # Bookmark table.
                set name {string}   Bookmark name. size[35]
                set apptype {option}   Application type.
                        citrix       Citrix.
                        ftp          FTP.
                        portforward  Port Forward.
                        rdp          RDP.
                        smb          SMB/CIFS.
                        ssh          SSH.
                        telnet       Telnet.
                        vnc          VNC.
                        web          HTTP/HTTPS.
                set url {string}   URL parameter. size[128]
                set host {string}   Host name/IP parameter. size[128]
                set folder {string}   Network shared file folder parameter. size[128]
                set additional-params {string}   Additional parameters. size[128]
                set listening-port {integer}   Listening port (0 - 65535). range[0-65535]
                set remote-port {integer}   Remote port (0 - 65535). range[0-65535]
                set show-status-window {enable | disable}   Enable/disable showing of status window.
                set description {string}   Description. size[128]
                set server-layout {option}   Server side keyboard layout.
                        de-de-qwertz  German (qwertz).
                        en-gb-qwerty  English (UK).
                        en-us-qwerty  English (US).
                        es-es-qwerty  Spanish.
                        fr-fr-azerty  French (azerty).
                        fr-ch-qwertz  Swiss French (qwertz).
                        it-it-qwerty  Italian.
                        ja-jp-qwerty  Japanese.
                        pt-br-qwerty  Portuguese/Brazilian.
                        sv-se-qwerty  Swedish.
                        tr-tr-qwerty  Turkish.
                        failsafe      Unknown keyboard.
                set security {rdp | nla | tls | any}   Security mode for RDP connection.
                        rdp  Standard RDP encryption.
                        nla  Network Level Authentication.
                        tls  TLS encryption.
                        any  Allow the server to choose the type of security.
                set preconnection-id {integer}   The numeric ID of the RDP source (0-2147483648). range[0-2147483648]
                set preconnection-blob {string}   An arbitrary string which identifies the RDP source. size[511]
                set load-balancing-info {string}   The load balancing information or cookie which should be provided to the connection broker. size[511]
                set port {integer}   Remote port. range[0-65535]
                set logon-user {string}   Logon user. size[35]
                set logon-password {password_string}   Logon password. size[128]
                set sso {disable | static | auto}   Single Sign-On.
                        disable  Disable SSO.
                        static   Static SSO.
                        auto     Auto SSO.
                config form-data
                    edit {name}
                    # Form data.
                        set name {string}   Name. size[35]
                        set value {string}   Value. size[63]
                    next
                set sso-credential {sslvpn-login | alternative}   Single sign-on credentials.
                        sslvpn-login  SSL-VPN login.
                        alternative   Alternative.
                set sso-username {string}   SSO user name. size[35]
                set sso-password {password_string}   SSO password. size[128]
                set sso-credential-sent-once {enable | disable}   Single sign-on credentials are only sent once to remote server.
            next
    next
end

config bookmarks

A configuration method to configure bookmarks to add to the user group.

apptype {citrix | ftp | portforward | rdp | smb | ssh | telnet | vnc | web}

The identifier of the service to associate with the bookmark.

  • citrix: Citrix web server interface
  • ftp: FTP services
  • portforward: port forwarding
  • rdp: Windows Terminal services
  • smb: SMB/CIFS (Windows file share) services
  • ssh: SSH services
  • telnet: telnet services
  • vnc: VNC services
  • web: HTTP/HTTPS services (this is set by default)

folder <folder>

Note: This entry is only available when apptype is set to either ftp or smb.

The folder path.

host <host>

Note: This entry is only available when apptype is set to either portforward, rdp, ssh, telnet, or vnc.

The host IP address or FQDN.

listening-port <port-number>

Note: This entry is only available when apptype is set to portforward.

The listening port, set to 0 by default.

remote-port <port-number>

Note: This entry is only available when apptype is set to portforward.

The remote port, set to 0 by default.

show-status-window {enable | disable}

Note: This entry is only available when apptype is set to portforward.

Enable or disable (by default) the status window display.

url <url>

The URL for this bookmark.

description <description>

The description of the bookmark, with a maximum length of 129 characters.

server-layout {en-us-qwerty | de-de-qwertz | fr-fr-azerty | it-it-qwerty | sv-se-qwerty | failsafe}

Note: This entry is only available when apptype is set to rdp. Also note that this entry is called keyboard-layout in FortiOS 5.2.

The keyboard layout. Select from a number of different layouts.

  • en-us-qwerty: The American-English QWERTY layout. This is set by default.
  • de-de-qwertz: The Deutsch QWERTZ layout.
  • fr-fr-azerty: The French AZERTY layout.
  • it-it-qwerty: The Italian QWERTY layout.
  • sv-se-qwerty: The Swedish QWERTY layout.
  • failsafe: Forces all keyboard events to be sent as Unicode.

security {rdp | nla | tls | any}

Note: This entry is only available when apptype is set to rdp.

The type of encryption security.

  • rdp: Standard RDP encryption (set by default)
  • nla: Network Level Authentication (NLA)
  • tls: TLS encryption
  • any: Allow the server to choose the type of security.

port <integer>

Note: This entry is only available when apptype is set to either rdp or vnc.

The remote port. Set the value between 1-65535. The default value is set to 3389.

logon-user <name>

Note: This entry is only available when apptype is set to rdp.

The name of the user.

logon-password <password>

Note: This entry is only available when apptype is set to either rdp or vnc.

The user’s password.

sso {disable | static | auto}

A Single-Sign On (SSO) bookmark that automatically enters the login credentials for the bookmark destination.

  • disable: This is not an SSO bookmark
  • static: This is an SSO bookmark
  • auto: Automatically determines whether SSO is used

sso-credential {sslvpn-login | alternative}

Note: This entry is only available when sso is set to either static or auto.

How the user’s credentials are submitted.

  • sslvpn-login: The bookmark enters the user’s SSL VPN credentials.
  • alternative: Alternative credentials are given, as defined in the sso-username and sso-password entries (see below).

sso-username <name>

Note: This entry is only available when sso-credential is set to alternative.

The user’s alternative username.

sso-password <password>

Note: This entry is only available when sso-credential is set to alternative.

The user’s alternative password.

config form-data

Note: This configuration option is only available when sso is set to static.

A configuration method to set form data values. Use edit to create a new entry, then specify its settings using the entries available. When an administrator configures bookmarks for users, enter %username% to represent the user’s SSL VPN user name and %passwd% to represent the user’s password.
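The following is an added example, not Fortinet's code: it parses a `config vpn ssl web user-group-bookmark` block as it would appear in a configuration backup and flags documented bookmark settings that deserve review (telnet or ftp app types, RDP bookmarks whose security is rdp or any instead of nla or tls, and stored logon-password or sso-password values, which apply to every user in the group). The sample configuration, function names and rule labels are assumptions of this example, and it expects only this block as input rather than a full backup file.

```python
import shlex

# Constructed sample in FortiOS backup syntax; all names and values are made up.
SAMPLE = '''
config vpn ssl web user-group-bookmark
    edit "helpdesk"
        config bookmarks
            edit "jump-rdp"
                set apptype rdp
                set security any
                set logon-password "PLACEHOLDER"
            next
            edit "legacy-switch"
                set apptype telnet
            next
            edit "intranet"
                set url "https://intranet.example.internal"
                set sso auto
                set sso-credential sslvpn-login
            next
        end
    next
end
'''

def parse_bookmarks(text):
    """Return {(group, bookmark): {option: value}} for each bookmark entry."""
    out, path = {}, []                      # path: stack of open config/edit names
    for raw in text.splitlines():
        tok = shlex.split(raw) or [""]
        if tok[0] in ("config", "edit"):
            path.append(" ".join(tok[1:]))
        elif tok[0] in ("next", "end") and path:
            path.pop()
        elif tok[0] == "set" and len(path) == 4 and path[0::2] == ["vpn ssl web user-group-bookmark", "bookmarks"]:
            out.setdefault((path[1], path[3]), {})[tok[1]] = " ".join(tok[2:])
    return out

def audit(bookmarks):
    """Flag settings worth review; rule labels are this example's own."""
    findings = []
    for (group, name), o in sorted(bookmarks.items()):
        app = o.get("apptype", "web")       # the page gives web as the default
        if app in ("telnet", "ftp"):        # protocols without transport encryption
            findings.append((group, name, "cleartext-protocol"))
        if app == "rdp" and o.get("security", "rdp") in ("rdp", "any"):
            findings.append((group, name, "rdp-nla-or-tls-not-enforced"))
        if "logon-password" in o or "sso-password" in o:   # stored for the whole group
            findings.append((group, name, "stored-credential-in-group-bookmark"))
    return findings
```

Call `audit(parse_bookmarks(SAMPLE))` to get the list of `(group, bookmark, rule)` findings; nested `config form-data` entries are skipped by the depth check.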
