Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword or section
Like this
32Activity

Table Of Contents

Introduction
Audience
Introduction to SSL VPN
What is a VPN?
What is SSL?
Goals of SSL
SSL certificates
Choosing the level of security for your SSL VPN tunnel
Choosing between SSL and IPsec VPN
Legacy versus web-enabled applications
Authentication differences
Connectivity considerations
Relative ease of use
Client software requirements
Access control
Session failover support
General topology
SSL VPN modes of operation
Web-only mode
Tunnel mode
Port forwarding mode
Application support
Single Sign On (SSO)
Setting up the FortiGate unit
SSL VPN and IPv6
General configuration steps
Configuring SSL VPN settings
Enabling SSL VPN operation
Specifying an IP address range for tunnel-mode clients
Adding WINS and DNS services for clients
Setting the idle timeout setting
Setting the client authentication timeout
Specifying the cipher suite for SSL negotiations
Enabling strong authentication through X.509 security certificates
Configuring the FortiGate unit to require strong client authentication
Configuring the FortiGate unit to provide strong authentication
Changing the port number for web portal connections
Customizing the web portal login page
Configuring SSL VPN web portals
Before you begin
Default web portal configurations
Configuring tunnel mode settings
Configure a port forward tunnel
The Session Information widget
The Bookmarks widget
The Connection Tool widget
Host checking
Creating user accounts
Creating a user group for SSL VPN users
Configuring firewall policies
Configuring firewall addresses
Configuring the SSL VPN firewall policy
Configuring the tunnel mode firewall policy
To configure the tunnel mode firewall policy - CLI
Configuring routing for tunnel mode
Adding an Internet browsing policy
Enabling connection to an IPsec VPN
SSL VPN logs
Monitoring active SSL VPN sessions
Troubleshooting
Using the web portal
Connecting to the FortiGate unit
Web portal overview
Applications available in the web portal
Using the Bookmarks widget
Adding bookmarks
Using the Connection Tool
RDP options
Tunnel-mode features
Using the SSL VPN Virtual Desktop
Using FortiClient
FortiClient for Windows configuration
Using the SSL VPN tunnel client
Client configurations
Web mode
Downloading the SSL VPN tunnel mode client Using the SSL VPN tunnel client
Virtual desktop application
Downloading the SSL VPN tunnel mode client
Installing the tunnel mode client
Windows
Linux
MAC OS client
Using the tunnel mode client
Windows client
Linux client
MAC OS X client
Uninstalling the tunnel mode client
Examples
Basic SSL VPN example
Infrastructure requirements
Creating the firewall addresses
Creating the destination address
Creating the tunnel client range address
Enabling SSL VPN and setting the tunnel user IP address range
Creating the web portal
Creating the user account and user group
Creating the firewall policies
Add routing to tunnel mode clients
Multiple user groups with different access permissions example
Creating the destination addresses
Creating the tunnel client range addresses
Creating the web portals
Creating the user accounts and user groups
Create the static route to tunnel mode clients
OS patch check example Examples
OS patch check example
0 of .
Results for:
No results containing your search query
P. 1
fortigate-sslvpn-40-mr3

fortigate-sslvpn-40-mr3

Ratings:
(0)
|Views: 24,950|Likes:
Published by Iulian Curca

More info:

Published by: Iulian Curca on Apr 08, 2011
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

06/27/2013

pdf

text

original

You're Reading a Free Preview
Pages 5 to 36 are not shown in this preview.
You're Reading a Free Preview
Pages 41 to 88 are not shown in this preview.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->