Configuring a FortiGate SSL VPN
Comparison of SSL and IPSec VPN technology
FortiOS v3.0 MR7 SSL VPN User Guide
01-30007-0348-20080718
13
Configuring a FortiGate SSL VPN
This section provides a comparison of SSL and IPSec VPN technology, in addition
to an overview of the two modes of SSL VPN operation. The high-level steps for
configuring each mode are also included with cross-references to underlying
procedures.
The following topics are included in this section:
•
Comparison of SSL and IPSec VPN technology
•
SSL VPN modes of operation
•
Topology
•
Configuration overview
•
Configuring SSL VPN settings
•
Configuring user accounts and SSL VPN user groups
•
Configuring firewall policies
•
Configuring SSL VPN event-logging
•
Monitoring active SSL VPN sessions
•
Configuring SSL VPN bookmarks and bookmark groups
•
SSL VPN host OS patch check
•
Granting unique access permissions for SSL VPN tunnel user groups
•
SSL VPN virtual interface (ssl.root)
•
SSL VPN dropping connections
Comparison of SSL and IPSec VPN technology
The FortiGate unit supports both SSL and IPSec VPN technologies. Each
combines encryption and VPN gateway functions to create private communication
channels over the Internet, which helps to defray physical network costs. Both
enable you to define and deploy network access and firewall policies using a
single management tool. In addition, both support a simple client/user
authentication process (including optional X.509 security certificates). You have
the freedom to use both technologies; however, one may be better suited to the
requirements of your situation.
In general, IPSec VPNs are a good choice for site-to-site connections where
appliance-based firewalls are used to provide network protection, and company
sanctioned client computers are issued to users. SSL VPNs are a good choice for
roaming users who depend on a wide variety of thin-client computers to access
enterprise applications and/or company resources from a remote location.
SSL and IPSec VPN tunnels may operate simultaneously on the same FortiGate
unit.
Summary of Contents for FORTIOS V3.0 MR7
Page 1: ...www fortinet com FortiOS v3 0 MR7 SSL VPN User Guide U S E R G U I D E...
Page 6: ...FortiOS v3 0 MR7 SSL VPN User Guide 6 01 30007 0348 20080718 Contents...
Page 88: ...FortiOS v3 0 MR7 SSL VPN User Guide 88 01 30007 0348 20080718 Index...
Page 89: ...www fortinet com...
Page 90: ...www fortinet com...