Support User Manuals

Fortinet FORTIOS V3.0 MR7 Network Router User Manual

Open as PDF

of 90

FortiOS v3.0 MR7 SSL VPN User Guide

34 01-30007-0348-20080718

Configuring SSL VPN settings Configuring a FortiGate SSL VPN

Configuring SSL VPN settings

You can configure and manage the FortiGate unit through a secure HTTP

(HTTPS) connection from any computer running a web browser. For information

about how to connect to the web-based manager, see “Connecting to the web-

based manager” in the FortiGate Installation Guide.

Refer to the FortiGate Installation Guide and FortiGate Administration Guide to

change the password, configure the interfaces of the FortiGate unit, and assign

basic operating parameters, including a default gateway.

There are basic administrative tasks common to all modes of operation that must

be completed first, regardless of the connection mode you select.

The VPN > SSL > Config page contains basic SSL VPN settings including idle-

timeout values and SSL encryption preferences for compatibility with various web

browsers. You may also optionally enable authentication through X.509 security

certificates (for more information about security certificates, see the FortiGate

Certificate Management User Guide).

In addition to setting these preferences on the VPN > SSL > Config page, you

may choose to modify the following system settings:

• The FortiGate unit redirects web browsers to the web portal home page after

the remote client has been authenticated and the user has logged in

successfully. As an option, you can display a second HTML page in a popup

window for all members of a user group. For more information, see

“Redirecting a user group to a popup window” on page 40.

• You can customize the look of the web portal login page through replacement

messages. For more information, see “Customizing the web portal login page”

on page 41.

Enabling SSL VPN connections and editing SSL VPN settings

To enable SSL VPN connections and configure or edit SSL VPN settings, go to

VPN > SSL > Config and select Enable SSL-VPN. The FortiGate unit does not

accept web-only mode or tunnel-mode connections while SSL VPN operation is

disabled.

Note: As an alternative, you can connect the management computer to the Console

connector of the FortiGate unit directly using a serial cable and configure the FortiGate unit

through the Command Line Interface (CLI). The CLI can also be launched from within the

web-based manager. For more information, see “Connecting to the FortiGate console” in

the FortiGate CLI Reference.

previous next