Fortinet black logo

FortiGate VPN Integration

Home FortiNAC 9.4.0 FortiGate VPN Integration
9.4.0
9.4.0

FSSO Groups on the SSL Interface (6.0.x Only)

FSSO Groups on the SSL Interface (6.0.x Only)

  1. Enable “Multiple Interface Policies” features under System->Feature Visibility

    This allows an interface option called “all

  2. Create a new IP Address Range, using the SSLVPN range

    Note: There is a range there by default but its tied to the SSLVPN Interface and can’t be used with interface “all”

  3. Create a new firewall Policy using:

    1. Incoming Interface “any

    2. Outgoing interface to FortiNAC Eth1

    3. Source is new SSLVPN IP Range and FortiNAC FSSO Group for Rogues

    4. Destination could be refined to just FortiNAC Eth1 interface

    5. Service could be refined to DNS, HTTPS, DHCP, Agent (4567/4568)

Previous
Next

FSSO Groups on the SSL Interface (6.0.x Only)

  1. Enable “Multiple Interface Policies” features under System->Feature Visibility

    This allows an interface option called “all

  2. Create a new IP Address Range, using the SSLVPN range

    Note: There is a range there by default but its tied to the SSLVPN Interface and can’t be used with interface “all”

  3. Create a new firewall Policy using:

    1. Incoming Interface “any

    2. Outgoing interface to FortiNAC Eth1

    3. Source is new SSLVPN IP Range and FortiNAC FSSO Group for Rogues

    4. Destination could be refined to just FortiNAC Eth1 interface

    5. Service could be refined to DNS, HTTPS, DHCP, Agent (4567/4568)

Previous
Next