Fortinet FORTIOS V3.0 MR7 - Manuals
Summary
FortiGate v3.0 MR7 SSL VPN User Guide 18 July 2008 01-30007-0348-20080718 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechani...
Contents: Introduction; About FortiGate SSL VPN; About this...
Introduction This section introduces you to FortiGate™ Secure Sockets Layer (SSL) VPN technology and provides supplementary information about Fortinet™ publications. The following topics are included in ...
Whether to use web-only or tunnel mode depends on the number and type of applications installed on the remote computer. Access to any application not supported through web-only mode can be supported through...
Typographic conventions FortiGate documentation uses the following typographical conventions: FortiGate documentation The most up-to-date publications and previous releases of Fortinet product documentat...
• FortiGate CLI Reference Describes how to use the FortiGate CLI and contains a reference to all FortiGate CLI commands. • FortiGate Log Message Reference Available exclusively from the Fortinet Knowledg...
FortiClient documentation • FortiClient Host Security User Guide Describes how to use FortiClient Host Security software to set up a VPN connection from your computer to remote networks, scan your compute...
Comments on Fortinet technical documentation Please send information about any errors or omissions in this document, or any Fortinet technical documentation, to [email protected]. Cus...
Configuring a FortiGate SSL VPN This section provides a comparison of SSL and IPSec VPN technology, in addition to an overview of the two modes of SSL VPN operation...
SSL VPNs provide secure access to certain applications. Web-only mode provides remote users with access to server applications from any thin client computer equipped with a web bro...
In web-only mode, the FortiGate unit acts as a secure HTTP/HTTPS gateway and authenticates remote users as members of a user group. After successful authentication, the FortiGate ...
When the user initiates a VPN connection with the FortiGate unit through the SSL VPN client, the FortiGate unit establishes a tunnel with the client and assigns the client a virtual IP address from ...
Figure 1: Example SSL VPN configuration To provide remote clients with access to all of the servers on Subnet_1 from the Internet, you would configure FortiGate_1 as follows: • Create an SSL VPN us...
Configuration overview Before you begin, install your choice of HTTP/HTTPS, telnet, SSH, FTP, SMB/CIFS, VNC, and/or RDP server applications on the internal network. As an alternative, ...
SSL VPN Virtual Desktop application. The virtual desktop application creates a virtual desktop on a user's PC and monitors the data read/write activity of the web browser runn...
The FortiGate index page opens. 4 Select v3.0 and then MR7. This takes you to the page with firmware images for MR7. 5 Select SSL VPN Clients.
6 To download the SSL VPN Virtual Desktop, select SSLVPNVirtualDesktopSetup_3.0.384.exe and follow the InstallShield Wizard instructions. Figure 2: FortiClient SSL VPN Install...
The FortiGate unit will redirect your web browser to the FortiGate SSL VPN Remote Access Web Portal home page automatically. The fields in the Tools area enable you to specify ...
To download the SSL VPN standalone tunnel client (Windows) 1 Go to the Fortinet Technologies home page at http://support.fortinet.com/ and select Support. 2 Under Support, ent...
This takes you to the page with firmware images for MR7. 5 Select SSL VPN Clients. 6 To download the SSL VPN Windows client application, select FortiClientSSLVPNSetup_3.0.384.e...
To use the SSL VPN standalone tunnel client (Windows) 1 Go to Start > All Programs > Fortinet > FortiClient SSL VPN > FortiClient SSL VPN. 2 Select Connect. 3 To ...
To download the SSL VPN standalone tunnel client (Linux) 1 Go to the Fortinet Technologies home page at http://support.fortinet.com/ and select Support. 2 Under Support, enter ...
This takes you to the page with firmware images for MR7. 5 Select SSL VPN Clients. 6 To download the SSL VPN standalone tunnel client (Linux), select forticlientsslvpn_linux_3...
To use the SSL VPN standalone tunnel client (Linux) 1 Go to the folder that you downloaded the Linux tunnel client application into, and double-click on ‘forticlientsslvpn’....
To uninstall the SSL VPN standalone tunnel client (Linux) Remove/delete the folder containing all the SSL VPN client application files. To download the SSL VPN standalone tunne...
To use the SSL VPN standalone tunnel client (MacOS) 1 Go to the Applications folder and double-click on forticlientsslvpn. The FortiClient SSL VPN tunnel client (MacOS) opens....
Configuring SSL VPN settings You can configure and manage the FortiGate unit through a secure HTTP (HTTPS) connection from any computer running a web browser. For information ab...
When you finish making your selections, select Apply. Specifying a port number for web portal connections You can optionally specify a different TCP port number for users to acc...
To reserve a range of IP addresses for tunnel-mode clients 1 Go to VPN > SSL > Config. 2 In the Tunnel IP Range fields, type the starting and ending IP addresses (for exam...
Setting the client authentication timeout setting The client authentication timeout setting controls how long an authenticated connection will remain connected. When this time e...
2 Select the Edit icon in the row that corresponds to the SSL VPN user group. 3 Expand SSL-VPN User Group Options. 4 In the Redirect URL field, type the URL ...
You can choose to use a plain text password for authentication through the FortiGate unit (Local domain), forward authentication requests to an external RAD...
To create a user group 1 Go to User > User Group and select Create New. 2 In the Name field, type a name for the group (for example, Web-only_group). 3 F...
7 To activate the split tunnel feature, select Enable Split Tunneling. Split tunneling ensures that only the traffic for the private network is sent to the ...
Require Virtual Desktop Connection prevents a user from establishing a SSL VPN session without using the SSL VPN Virtual Desktop application. For more information, see the SSL V...
• specifying the level of SSL encryption to use and the authentication method • binding the user group to the firewall policy The following topics are included in this section:...
5 Select OK. To define the firewall policy for web-only mode connections 1 Go to Firewall > Policy and select Create New. 2 Enter these settings in particular: 3 Select OK. 4...
Configuring tunnel-mode firewall policies Follow the procedures in this section to complete a tunnel-mode configuration. These procedures assume that you have already completed...
3 From the Type list, select Subnet/IP Range. 4 In the Subnet/IP Range field, type the corresponding IP address and subnet mask (for example, 172.16.10.0/24). If the remote cli...
3 Select OK. 4 If the user group requires access to another server or network, create the IP destination address (see “To specify the destination IP address” on page 46) a...
4 If logs will be written to system memory, from the Log Level list, select Information. For more information, see the “Log & Report” chapter of the FortiGate Administr...
Figure 7: Monitor list: Tunnel-mode connection If required, you can end a session/connection by selecting the Delete button in the row that corresponds to t...
• Viewing the SSL VPN Bookmark Groups list • Configuring SSL VPN bookmark groups Configuring SSL VPN bookmarks Go to VPN > SSL > Bookmark and select Cr...
• Viewing the SSL VPN Bookmark Groups list • Configuring SSL VPN bookmark groups Viewing the SSL VPN Bookmark Groups list You can create a group of specific...
See also • Configuring SSL VPN settings • Monitoring active SSL VPN sessions • Configuring SSL VPN bookmarks and bookmark groups • Viewing the SSL VPN bookma...
SSL VPN host OS patch check SSLVPN Client OS Patch Check feature allows a client with a specific OS patch to access SSL VPN services. The host check only works on Windows platfor...
set tolerance 1 end config sslvpn-os-check-list "windows-xp" set action allow end set member "u1" set sslvpn-split-tunneling ...
Sample configuration for unique access permissions with tunnel mode user groups In this sample configuration, there are two user groups, eac...
Figure 17: Source/destination firewall addresses - Public IP Figure 18: Source/destination firewall addresses - Linux/Windows PC After creat...
Figure 19: user1 firewall policy The user2 policy is also an SSL-VPN firewall policy that includes the applicable source and destination addr...
Figure 21: Firewall policy list To avoid overlap with other firewall policies, add a DENY policy below the SSL VPN policies (the source is the SSL VPN tunnel IP range). ...
SSL VPN dropping connections When a FortiGate unit has multiple internet connections, the SSLVPN client can connect to the SSLVPN web portal, but when attempting to click Connec...
Working with the web portal This section introduces the web portal features and explains how to configure them. The following topics are included in this section: • Connecting to...
4 When you are prompted for your user name and password: • In the Name field, type your user name. • In the Password field, type your password. 5 Select Login. The FortiGate unit w...
Figure 22: FortiGate SSL VPN Remote Access Web Portal page If your user account permits web-only mode access, and your administrator has set up pre-defined bookmarks for you, they w...
In the Tools area, you can connect to a web server or start a telnet session. You can also check connectivity to a host or server on the network behind the FortiGate unit. For ...
The encryption key is only valid for the current user session. Once the user logs out, the key is no longer valid. In the case of FTP and SMB, the path/filename is translated in...
To add an HTTP or HTTPS connection and access the web server 1 Select Add Bookmark. 2 In the Title field, type a name to represent the connection. 3 From the Application Type l...
The FortiGate unit replaces the URL with https://<FG_IP_address>:<port_no>/proxy/http/<specified_URL> and the requested page is displayed. 7 To end the sess...
9 To end the session, select Disconnect (or type exit) and then close the TELNET connection window. To add an FTP connection and start an FTP session 1 Select Add Bookmark. 2 ...
After you log in, the files and subdirectories in the root directory are displayed. You can switch to a subdirectory from the root directory. For example, the following image sh...
To add a VNC connection and start a VNC session 1 Select Add Bookmark. 2 In the Title field, type a name to represent the connection. 3 From the Application Type list, select VN...
To add a RDP connection and start a RDP session 1 Select Add Bookmark. 2 In the Title field, type a name to represent the connection. 3 From the Application Type list, select R...
6 To start a RDP session, select the hyperlink that you created. 7 When you see a screen configuration dialog, click OK. 8 When you are prompted to log in to the remote host, ty...
To add a SSH connection and start a SSH session 1 Select Add Bookmark. 2 In the Title field, type a name to represent the connection. 3 From the Application Type list, select S...
Starting a session from the Tools area You can connect to any web server or telnet server without adding a bookmark to the My Bookmarks list. The fields in the Tools area ...
Figure 25: Fortinet SSL VPN Client 1.0 page (tunnel mode) Working with the ActiveX/Java Platform plug-in The ActiveX/Java Platform plug-ins provide the software that your client computer nee...
To download and install the ActiveX/Java Platform plugin 1 At the top of the web portal home page, select the Activate SSL-VPN Tunnel Mode link. 2 The FortiGate unit may prompt you to insta...
2 Select Connect. Figure 26: Tunnel established After the “Fortinet SSL VPN client connected to server” message is displayed and the Disconnect button is enabled (see Figure 26), you have direct acce...
Index A ActiveX plugin: downloading 81, uninstalling 83; applications, web-portal 68; authentication timeout setting 40 B bookmarks: user-defined 69 C certificates: allow group certificate 47, self signed 65, X.509 20; cifs session, establishing ...