Configuring a FortiGate SSL VPN
SSL VPN virtual interface (ssl.root)
FortiOS v3.0 MR7 SSL VPN User Guide
01-30007-0348-20080718
61
Go to
Firewall > Policy
and select Create New to create a firewall policy.
For a standard configuration, set up the firewall policies listed below.
To allow ssl users to browse the Internet through the FortiGate unit:
To allow SSL-tunnel users to access a policy-based VPN peer network:
Authentication policy
Source
wan1
Source address
all
Destination
internal
Destination address
internal subnet
Action
sslvpn
Authentication
ssl user group(s)
Inbound access policy
Source
ssl.root
Source address
ip address of remote client
Destination
internal
Destination address
internal subnet
Action
accept
Authentication
No authentication set
Outbound policy
Source
internal
Source address
internal subnet
Destination
ssl.root
Destination address
ssl assigned range
Action
Accept
Authentication
No authentication set
Static route
Destination network
<ssl-assigned subnet>
Destination interface
ssl.root
Internet browsing policy
Source
ssl.root
Source address
ssl-assigned range
Destination
wan1
Destination address
all
Action
accept
NAT enabled
Yes
Protection profile
Recommended
Peer network policy
Source
ssl.root
Source address
ssl-assigned range
Содержание FORTIOS V3.0 MR7
Страница 1: ...www fortinet com FortiOS v3 0 MR7 SSL VPN User Guide U S E R G U I D E...
Страница 6: ...FortiOS v3 0 MR7 SSL VPN User Guide 6 01 30007 0348 20080718 Contents...
Страница 84: ...FortiOS v3 0 MR7 SSL VPN User Guide 84 01 30007 0348 20080718 Logging out Working with the web portal...
Страница 88: ...FortiOS v3 0 MR7 SSL VPN User Guide 88 01 30007 0348 20080718 Index...
Страница 89: ...www fortinet com...
Страница 90: ...www fortinet com...