Scribd Logo
Upload

Welcome to Scribd!

  • Diagnose VPN SSL Statistics:, and Select Config User Local

    Uploaded by

    Danilo Varano
    22 views1 page
    To check if a FortiGate has entered SSL VPN conserve mode, use the diagnose vpn ssl statistics command. To create a user account and user groups, use the User & Device menus in the GUI. The CLI can be used to configure LDAP authentication, set a MAC address check and range, and adjust SSL VPN settings like the authentication timeout and enabling one-time logins per user.

    Original Description:

    Original Title

    Comandi FG

    Copyright

    © © All Rights Reserved

    Available Formats

    DOCX, PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    To check if a FortiGate has entered SSL VPN conserve mode, use the diagnose vpn ssl statistics command. To create a user account and user groups, use the User & Device menus in the GUI. The CLI can be used to configure LDAP authentication, set a MAC address check and range, and adjust SSL VPN settings like the authentication timeout and enabling one-time logins per user.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    22 views1 page

    Diagnose VPN SSL Statistics:, and Select Config User Local

    Uploaded by

    Danilo Varano
    To check if a FortiGate has entered SSL VPN conserve mode, use the diagnose vpn ssl statistics command. To create a user account and user groups, use the User & Device menus in the GUI. The CLI can be used to configure LDAP authentication, set a MAC address check and range, and adjust SSL VPN settings like the authentication timeout and enabling one-time logins per user.

    Copyright:

    © All Rights Reserved
    Download as DOCX, PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 1

    To determine if the FortiGate has entered SSL VPN conserve mode -

    diagnose vpn ssl statistics

    To create a user account:

    User & Device > User Definition, and select Create New.

    config user local

    To create user groups:

    User & Device > User Groups and select Create New.

    config user group

    config user ldap


    edit <username>
    set server <domain>
    set password-expiry-warning enable
    set password-renewal enable
    next
    end

    MAC host check


    conf vpn ssl web portal
    edit portal
    set mac-addr-check enable
    set mac-addr-action allow
    config mac-addr-check-rule
    edit "rule1"
    set mac-addr-list 01:01:01:01:01:01 08:00:27:d4:06:5d
    set mac-addr-mask 48
    end
    end

    To set tunnel-mode client IP address range - CLI:


    config firewall address
    edit SSL_tunnel_users
    set type iprange
    set end-ip 10.254.254.100
    set start-ip 10.254.254.80
    end

    config vpn ssl settings


    set auth-timeout 18000
    end

    To allow one-time login per user

    config vpn ssl web portal


    edit <portal_name>
    set limit-user-logins enable
    end

    You might also like