Fortinet black logo

Cookbook

SMBv2 support

Copy Link
Copy Doc ID af0e75e9-211f-11ea-9384-00505692583a:795915
Download PDF

On all FortiGate models, SMBv2 is enabled by default for SSL VPN. Client PCs can access the SMBv2 server using SSL VPN web-only mode.

To configure SMBv2:
  1. Set the minimum and maximum SMB versions.
    config vpn ssl web portal
        edit portal-name
           set smb-min-version smbv2
           set smb-max-version smbv3
        next
    end
  2. Configure SSL VPN and firewall policies as usual.
  3. Connect to the SSL VPN web portal and create an SMB bookmark for the SMBv2 server.
  4. Click the bookmark to connect to the SMBv2 server.
  5. On the FortiGate, use package capture to verify that SMBv2 works:

On all FortiGate models, SMBv2 is enabled by default for SSL VPN. Client PCs can access the SMBv2 server using SSL VPN web-only mode.

To configure SMBv2:
  1. Set the minimum and maximum SMB versions.
    config vpn ssl web portal
        edit portal-name
           set smb-min-version smbv2
           set smb-max-version smbv3
        next
    end
  2. Configure SSL VPN and firewall policies as usual.
  3. Connect to the SSL VPN web portal and create an SMB bookmark for the SMBv2 server.
  4. Click the bookmark to connect to the SMBv2 server.
  5. On the FortiGate, use package capture to verify that SMBv2 works: