Welcome to Scribd, the world's digital library. Read, publish, and share books and documents. See more
Standard view
Full view
of .
Look up keyword or section
Like this

Table Of Contents

Introduction to SSL VPN
What is a VPN?
What is SSL?
Goals of SSL
SSL certificates
Choosing the level of security for your SSL VPN tunnel
Choosing between SSL and IPsec VPN
Legacy versus web-enabled applications
Authentication differences
Connectivity considerations
Relative ease of use
Client software requirements
Access control
Session failover support
General topology
SSL VPN modes of operation
Web-only mode
Tunnel mode
Port forwarding mode
Application support
Single Sign On (SSO)
Setting up the FortiGate unit
SSL VPN and IPv6
General configuration steps
Configuring SSL VPN settings
Enabling SSL VPN operation
Specifying an IP address range for tunnel-mode clients
Adding WINS and DNS services for clients
Setting the idle timeout setting
Setting the client authentication timeout
Specifying the cipher suite for SSL negotiations
Enabling strong authentication through X.509 security certificates
Configuring the FortiGate unit to require strong client authentication
Configuring the FortiGate unit to provide strong authentication
Changing the port number for web portal connections
Customizing the web portal login page
Configuring SSL VPN web portals
Before you begin
Default web portal configurations
Configuring tunnel mode settings
Configure a port forward tunnel
The Session Information widget
The Bookmarks widget
The Connection Tool widget
Host checking
Configuring client OS Check
Configuring user accounts and user groups for SSL VPN
Creating user accounts
Creating a user group for SSL VPN users
Configuring security policies
Configuring firewall addresses
Configuring the SSL VPN security policy
Configuring the tunnel mode security policy
To configure the tunnel mode security policy - CLI
Configuring routing for tunnel mode
Adding an Internet browsing policy
Enabling connection to an IPsec VPN
SSL VPN logs
Monitoring active SSL VPN sessions
Using the web portal
Connecting to the FortiGate unit
Web portal overview
Applications available in the web portal
Using the Bookmarks widget
Adding bookmarks
Using the Connection Tool
RDP options
Tunnel-mode features
Using the SSL VPN Virtual Desktop
Using FortiClient
FortiClient for Windows configuration
Using the SSL VPN tunnel client
Client configurations
Web mode
Downloading the SSL VPN tunnel mode client Using the SSL VPN tunnel client
Virtual desktop application
Downloading the SSL VPN tunnel mode client
Installing the tunnel mode client
MAC OS client
Using the tunnel mode client
Windows client
Linux client
MAC OS X client
Uninstalling the tunnel mode client
Basic SSL VPN example
Infrastructure requirements
Creating the firewall addresses
Creating the destination address
Creating the tunnel client range address
Enabling SSL VPN and setting the tunnel user IP address range
Creating the web portal
Creating the user account and user group
Creating the security policies
Add routing to tunnel mode clients
Multiple user groups with different access permissions example
Creating the destination addresses
Creating the tunnel client range addresses
Creating the web portals
Creating the user accounts and user groups
Create the static route to tunnel mode clients
0 of .
Results for:
No results containing your search query
P. 1


Ratings: (0)|Views: 361 |Likes:
Published by Michael Lee

More info:

Published by: Michael Lee on Feb 09, 2012
Copyright:Attribution Non-commercial


Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less





You're Reading a Free Preview
Pages 5 to 36 are not shown in this preview.
You're Reading a Free Preview
Pages 41 to 88 are not shown in this preview.

Activity (3)

You've already reviewed this. Edit your review.
1 thousand reads
1 hundred reads
pedir_disco liked this

You're Reading a Free Preview

/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->