Fortinet FORTIOS V3.0 MR7 - Manual

Fortinet FORTIOS V3.0 MR7

Fortinet FORTIOS V3.0 MR7 – Manual, read for free online in PDF format. We hope this helps you resolve any issues you may have. If you have further questions, please contact us through the contact form.

1 Page 1
2 Page 2
3 Page 3
4 Page 4
5 Page 5
6 Page 6
7 Page 7
8 Page 8
9 Page 9
10 Page 10
11 Page 11
12 Page 12
13 Page 13
14 Page 14
15 Page 15
16 Page 16
17 Page 17
18 Page 18
19 Page 19
20 Page 20
21 Page 21
22 Page 22
23 Page 23
24 Page 24
25 Page 25
26 Page 26
27 Page 27
28 Page 28
29 Page 29
30 Page 30
31 Page 31
32 Page 32
33 Page 33
34 Page 34
35 Page 35
36 Page 36
37 Page 37
38 Page 38
39 Page 39
40 Page 40
41 Page 41
42 Page 42
43 Page 43
44 Page 44
45 Page 45
46 Page 46
47 Page 47
48 Page 48
49 Page 49
50 Page 50
51 Page 51
52 Page 52
53 Page 53
54 Page 54
55 Page 55
56 Page 56
57 Page 57
58 Page 58
59 Page 59
60 Page 60
61 Page 61
62 Page 62
63 Page 63
64 Page 64
65 Page 65
66 Page 66
67 Page 67
68 Page 68
69 Page 69
70 Page 70
71 Page 71
72 Page 72
73 Page 73
74 Page 74
75 Page 75
76 Page 76
77 Page 77
78 Page 78
79 Page 79
80 Page 80
81 Page 81
82 Page 82
83 Page 83
84 Page 84
85 Page 85
86 Page 86
87 Page 87
88 Page 88
89 Page 89
90 Page 90
Page: / 90

Table of Contents:

  • Page 2 – FortiGate v3.0 MR7 SSL VPN User Guide; Trademarks
  • Page 3 – Contents
  • Page 7 – Introduction; The following topics are included in this section:; About FortiGate SSL VPN
  • Page 8 – “Configuring a FortiGate; About this document; Configuring a FortiGate SSL VPN; Document conventions; The following document conventions are used in this guide:
  • Page 9 – Typographic conventions; FortiGate documentation; The following
  • Page 10 – FortiGate Log Message Reference; Related documentation; FortiManager documentation; Provides a searchable version of the
  • Page 11 – FortiClient documentation; FortiAnalyzer documentation; Fortinet Tools and Documentation CD
  • Page 12 – Comments on Fortinet technical documentation; Customer service and technical support; Please visit the Fortinet Technical Support web site at
  • Page 13 – Comparison of SSL and IPSec VPN technology
  • Page 15 – Session failover support; SSL VPN modes of operation; “Web-only mode” on page 15
  • Page 16 – Web-only mode client requirements
  • Page 17 – Tunnel-mode client requirements; The remote computer must be equipped with the following software:; Topology; Figure 1
  • Page 18 – Figure 1: Example SSL VPN configuration; Infrastructure requirements; If the remote clients need web-only mode access, see
  • Page 19 – Configuration overview; FortiGate Certificate Management User; Configuring the SSL VPN client; for the specific versions that are supported). When a system
  • Page 20 – SSL VPN Virtual Desktop application.; To download and run the SSL VPN Virtual Desktop application
  • Page 21 – The FortiGate index page opens.
  • Page 22 – To download the SSL VPN Virtual Desktop, select; Start; When you are prompted for your user name and password:
  • Page 23 – To connect to a web server from the Tools area; or; To ping a host or server behind the FortiGate unit; Using the SSL VPN standalone tunnel clients
  • Page 24 – To download the SSL VPN standalone tunnel client (Windows); Figure 4: FortiGate index page
  • Page 25 – This takes you to the page with firmware images for MR7.
  • Page 26 – Go to
  • Page 27 – To download the SSL VPN standalone tunnel client (Linux)
  • Page 28 – forticlientsslvpn
  • Page 30 – To use the SSL VPN standalone tunnel client (Linux); User; Password; Advanced settings
  • Page 31 – To uninstall the SSL VPN standalone tunnel client (Linux)
  • Page 33 – To use the SSL VPN standalone tunnel client (MacOS); Go to the Applications folder and double-click on; To uninstall the SSL VPN standalone tunnel client (MacOS); In the Applications folder, select ‘
  • Page 34 – Configuring SSL VPN settings; FortiGate Installation Guide; Enabling SSL VPN connections and editing SSL VPN settings
  • Page 36 – When you finish making your selections, select Apply.; Specifying a port number for web portal connections; Specifying an IP address range for tunnel-mode clients; The Tunnel IP Range fields on the
  • Page 37 – To reserve a range of IP addresses for tunnel-mode clients; Enabling strong authentication through security certificates; Specifying the cipher suite for SSL negotiations
  • Page 38 – Setting the client authentication timeout setting; config vpn ssl settings; Adding a custom caption to the web portal home page; To add a custom caption; Adding WINS and DNS services for clients; “Configuring user accounts and SSL VPN user groups” on page 42; To display a custom popup window for a user group
  • Page 39 – Customizing the web portal login page; To edit the HTML code; Configuring user accounts and SSL VPN user groups
  • Page 40 – FortiGate Administration Guide; To create a user account in the Local domain; Disable
  • Page 41 – To create a user group
  • Page 42 – Table 1
  • Page 43 – Note; : This custom message overrides the portal message configured in; Configuring firewall policies; “Configuring user
  • Page 44 – binding the user group to the firewall policy; Configuring firewall addresses; To specify the destination IP address
  • Page 45 – To define the firewall policy for web-only mode connections; Source; Destination; Service
  • Page 46 – Configuring tunnel-mode firewall policies; To specify the source IP address
  • Page 47 – To define the firewall policy for tunnel-mode operations
  • Page 48 – “To specify the destination IP address” on page 46; Configuring SSL VPN event-logging; To log SSL VPN events; Available Groups
  • Page 49 – FortiGate; To filter SSL VPN events; Monitoring active SSL VPN sessions; Figure 6; Source IP; Description
  • Page 50 – Configuring SSL VPN bookmarks and bookmark groups; Viewing the SSL VPN bookmark list; To view the list of predefined SSL VPN bookmarks, go to; Bookmark; Figure 8: Bookmark list; See also; Edit
  • Page 51 – Configuring SSL VPN bookmarks; Bookmark Name
  • Page 52 – Viewing the SSL VPN Bookmark Groups list; To view a list of bookmark groups, go to; Configuring SSL VPN bookmark groups; Bookmarks
  • Page 53 – Assigning SSL VPN bookmark groups to SSL VPN users; To assign a bookmark group to a user group, go to; Left arrow button
  • Page 54 – SSL VPN host OS patch check; Configuration Example; ) and above permission to access SSL
  • Page 55 – Figure 13: SSL VPN configuration for unique access permissions
  • Page 56 – First, you establish the tunnel IP range.
  • Page 58 – After creating the source and destination addresses, go to
  • Page 59 – Figure 19: user1 firewall policy
  • Page 60 – Figure 21: Firewall policy list
  • Page 62 – SSL VPN dropping connections; Use following commands in CLI to resolve the issue:; Action; VPN tunnel
  • Page 65 – Working with the web portal; Connecting to the FortiGate unit; To log in to the FortiGate secure HTTP gateway
  • Page 66 – Web portal home page features
  • Page 67 – Figure 22: FortiGate SSL VPN Remote Access Web Portal page
  • Page 68 – Launching web portal applications; “Adding a bookmark
  • Page 69 – The CLI command related to the obfuscation technique is; Adding a bookmark to the My Bookmarks list
  • Page 70 – To add an HTTP or HTTPS connection and access the web server; In the Title field, type a name to represent the connection.
  • Page 71 – To add a telnet connection and start a telnet session
  • Page 72 – To end the session, select Disconnect (or type; To add an FTP connection and start an FTP session
  • Page 73 – share; To add a SMB/CIFS connection and start a SMB session
  • Page 75 – To add a VNC connection and start a VNC session; VNC; To start a VNC session, select the hyperlink that you created.
  • Page 76 – To add a RDP connection and start a RDP session; RDP; RDP to Host
  • Page 77 – To start a RDP session, select the hyperlink that you created.
  • Page 78 – To add a SSH connection and start a SSH session
  • Page 80 – Starting a session from the Tools area; exit; Tunnel-mode features; “Working with the ActiveX/Java Platform
  • Page 81 – Working with the ActiveX/Java Platform plug-in
  • Page 82 – To download and install the ActiveX/Java Platform plugin; The Fortinet SSL VPN Client 1.0 page is displayed.; To initiate a VPN tunnel with the FortiGate unit; The Fortinet SSL VPN Client page opens.
  • Page 83 – Figure 26: Tunnel established; Uninstalling the ActiveX/Java Platform plugin; To uninstall the ActiveX/Java Platform plugin; Logging out; Logout
  • Page 85 – Index
Loading the manual

www.fortinet.com

FortiOS v3.0 MR7

SSL VPN User Guide

U S E R G U I D E

"Loading the manual" means you need to wait until the file loads and becomes available for online reading. Some manuals are very large, and the time they take to appear depends on your internet speed.

Summary

Page 2 - FortiGate v3.0 MR7 SSL VPN User Guide; Trademarks

FortiGate v3.0 MR7 SSL VPN User Guide 18 July 200801-30007-0348-20080718 © Copyright 2008 Fortinet, Inc. All rights reserved. No part of this publication including text, examples, diagrams or illustrations may be reproduced, transmitted, or translated in any form or by any means, electronic, mechani...

Page 3 - Contents

Contents FortiOS v3.0 MR7 SSL VPN User Guide01-30007-0348-20080718 3 Contents Introduction ........................................................................................ 7 About FortiGate SSL VPN ................................................................................. 7 About this...

Page 7 - Introduction; The following topics are included in this section:; About FortiGate SSL VPN

Introduction About FortiGate SSL VPN FortiOS v3.0 MR7 SSL VPN User Guide01-30007-0348-20080718 7 Introduction This section introduces you to FortiGate™ Secure Sockets Layer (SSL) VPN technology and provides supplementary information about Fortinet™ publications. The following topics are included in ...

Other Fortinet Models

All Fortinet Other