Fortinet black logo

Handbook

Using the Bookmarks widget

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:382322
Download PDF

Using the Bookmarks widget

The Bookmarks widget shows both administrator-configured and user-configured bookmarks. Administrator bookmarks cannot be altered but you can add, edit or delete user bookmarks.

The FortiGate unit forwards client requests to servers on the Internet or internal network. To use the web-portal applications, you add the URL, IP address, or name of the server application to the My Bookmarks list. For more information, see Adding bookmarks.

note icon If you want to access a web server or telnet server without first adding a bookmark to the My Bookmarks list, use the Connection Tool instead. For more information, see Using the Bookmarks widget.

Adding bookmarks

You can add frequently used connections as bookmarks. Afterward, select any hyperlink from the Bookmarks list to initiate a session.

To add a bookmark
  1. In the web portal, select New Bookmark.
  2. Enter the following information:
  3. Name

    Enter the name to display in the Bookmarks list.

    Type

    Select the abbreviated name of the server application or network service from the drop-down list.

    Location

    Enter the IP address or FQDN of the server application or network service.

    For RDP connections, you can append some parameters to control screen size and keyboard layout. See Using the Bookmarks widget.

    Description

    Optionally enter a short description. The description displays when you pause the mouse pointer over the hyperlink.

    SSO

    Single Sign On (SSO) is available for HTTP/HTTPS bookmarks only.

    Disabled — This is not an SSO bookmark.

    Automatic — Use your SSL VPN credentials or an alternate set. See the SSO Credentials field.

    Static — Supply credentials and other required information (such as an account number) to a web site that uses an HTML form for authentication. You provide a list of the form field names and the values to enter into them. This method does not work for sites that use HTTP authentication, in which the browser opens a pop-up dialog box requesting credentials.

    SSO fields

    SSO Credentials

    SSL VPN Login — Use your SSL VPN login credentials.

    Alternative — Enter Username and Password below.

    Username

    Alternative username. Available if SSO Credentials is Alternative.

    Password

    Alternative password. Available if SSO Credentials is Alternative.

    Static SSO fields

    These fields are available if SSO is Static.

    Field Name

    Enter the field name, as it appears in the HTML form.

    Value

    Enter the field value.

    To use the values from SSO Credentials, enter %passwd% for password or %username% for username.

    Add

    Add another Field Name / Value pair.

  4. Select OK and then select Done.

Group-based SSL VPN bookmarks

This CLI-only feature allows administrators to add bookmarks for groups of users. SSL VPN will only output the matched group-name entry to the client.

Syntax:

config vpn ssl web portal

edit "portal-name"

set user-group-bookmark enable*/disable

next

end

conf vpn ssl web user-group-bookmark

edit "group-name"

conf bookmark

edit "bookmark1"

....

next

end

next

end

Group-based SSL VPN bookmarks

This CLI-only feature allows administrators to add bookmarks for groups of users. SSL VPN will only output the matched group-name entry to the client.

Syntax:

config vpn ssl web portal

edit <portal-name>

set user-group-bookmark [enable | disable]

next

end

config vpn ssl web user-group-bookmark

edit <group-name>

config bookmark

edit <bookmark1>

....

next

end

next

end

Automatic bookmarks for SSO credentials

The following CLI changes SSL VPN to send the basic authorization to the remote server for automatic SSO bookmark every time, but only if it is for the same host name. If this attribute is disabled, the SSO credentials are sent to the remote server for every HTTP request.

Syntax

config vpn ssl web user-bookmark

edit <name>

config bookmarks

edit <name>

set sso-credential-sent-once {enable | disable}

next

end

next

end

Using the Bookmarks widget

The Bookmarks widget shows both administrator-configured and user-configured bookmarks. Administrator bookmarks cannot be altered but you can add, edit or delete user bookmarks.

The FortiGate unit forwards client requests to servers on the Internet or internal network. To use the web-portal applications, you add the URL, IP address, or name of the server application to the My Bookmarks list. For more information, see Adding bookmarks.

note icon If you want to access a web server or telnet server without first adding a bookmark to the My Bookmarks list, use the Connection Tool instead. For more information, see Using the Bookmarks widget.

Adding bookmarks

You can add frequently used connections as bookmarks. Afterward, select any hyperlink from the Bookmarks list to initiate a session.

To add a bookmark
  1. In the web portal, select New Bookmark.
  2. Enter the following information:
  3. Name

    Enter the name to display in the Bookmarks list.

    Type

    Select the abbreviated name of the server application or network service from the drop-down list.

    Location

    Enter the IP address or FQDN of the server application or network service.

    For RDP connections, you can append some parameters to control screen size and keyboard layout. See Using the Bookmarks widget.

    Description

    Optionally enter a short description. The description displays when you pause the mouse pointer over the hyperlink.

    SSO

    Single Sign On (SSO) is available for HTTP/HTTPS bookmarks only.

    Disabled — This is not an SSO bookmark.

    Automatic — Use your SSL VPN credentials or an alternate set. See the SSO Credentials field.

    Static — Supply credentials and other required information (such as an account number) to a web site that uses an HTML form for authentication. You provide a list of the form field names and the values to enter into them. This method does not work for sites that use HTTP authentication, in which the browser opens a pop-up dialog box requesting credentials.

    SSO fields

    SSO Credentials

    SSL VPN Login — Use your SSL VPN login credentials.

    Alternative — Enter Username and Password below.

    Username

    Alternative username. Available if SSO Credentials is Alternative.

    Password

    Alternative password. Available if SSO Credentials is Alternative.

    Static SSO fields

    These fields are available if SSO is Static.

    Field Name

    Enter the field name, as it appears in the HTML form.

    Value

    Enter the field value.

    To use the values from SSO Credentials, enter %passwd% for password or %username% for username.

    Add

    Add another Field Name / Value pair.

  4. Select OK and then select Done.

Group-based SSL VPN bookmarks

This CLI-only feature allows administrators to add bookmarks for groups of users. SSL VPN will only output the matched group-name entry to the client.

Syntax:

config vpn ssl web portal

edit "portal-name"

set user-group-bookmark enable*/disable

next

end

conf vpn ssl web user-group-bookmark

edit "group-name"

conf bookmark

edit "bookmark1"

....

next

end

next

end

Group-based SSL VPN bookmarks

This CLI-only feature allows administrators to add bookmarks for groups of users. SSL VPN will only output the matched group-name entry to the client.

Syntax:

config vpn ssl web portal

edit <portal-name>

set user-group-bookmark [enable | disable]

next

end

config vpn ssl web user-group-bookmark

edit <group-name>

config bookmark

edit <bookmark1>

....

next

end

next

end

Automatic bookmarks for SSO credentials

The following CLI changes SSL VPN to send the basic authorization to the remote server for automatic SSO bookmark every time, but only if it is for the same host name. If this attribute is disabled, the SSO credentials are sent to the remote server for every HTTP request.

Syntax

config vpn ssl web user-bookmark

edit <name>

config bookmarks

edit <name>

set sso-credential-sent-once {enable | disable}

next

end

next

end