How to create a FortiGate SSL VPN
SSL VPN gives remote users access to the corporate network: they use an SSL VPN client to connect over the Internet to the corporate FortiGate unit. During the connection phase, the FortiGate unit will also verify that the remote user’s antivirus software is installed and current…
Step 1. Create an SSL VPN portal for remote users
Go to VPN > SSL > Portals
Step 2. Create a user and a user group
Go to User & Devices > User > User Definition
Step 3. Add an address for the local network
Go to Policy & Objects > Objects > Addresses
Step 4. Configure SSL VPN tunnel
Go to VPN > SSL > Settings and set Listen on Interface(s) to wan1 (i.e. the outside interface)
Step 5. Add security policies for access to the internet and internal network
Go to Policy & Objects > Policy > IPv4
Step 6. Set up the FortiGate unit to verify users have current antivirus software
Go to System > Status > Dashboard
In the CLI Console, type:
config vpn ssl web portal
edit full-access
set host-check av
end
Step 7. Verify Results
In your browser's address bar, type https://x.x.x.x (IP of the external interface – wan1)
Log into the portal using the credentials you created in step 2
Go to VPN > Monitor > SSL-VPN Monitor
Go to Log & Report > Traffic Log > Forward Traffic
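To confirm from a configuration backup that the Step 6 setting is actually in place on every portal, the following added example (not part of the original guide or of Fortinet's tooling) parses the config vpn ssl web portal block and lists portals with no host check. The sample configuration is constructed, and the portal names other than full-access are assumptions.

```python
# Added example: list SSL VPN portals in a config backup with no host check (Step 6).
SAMPLE_CONFIG = """\
config vpn ssl web portal
    edit "full-access"
        set host-check av
    next
    edit "web-access"
        config bookmark-group
            edit "gui-bookmarks"
            next
        end
    next
    edit "contractors"
        set host-check none
    next
end
"""  # constructed sample, not taken from a real device


def portal_host_checks(config_text):
    """Map each SSL VPN portal name to its host-check value (None if unset)."""
    portals, depth, in_section, current = {}, 0, False, None
    for raw in config_text.splitlines():
        words = raw.split()
        if not words:
            continue
        if words[0] == "config":
            depth += 1
            if depth == 1:  # top-level block: is it the portal table?
                in_section = words[1:] == ["vpn", "ssl", "web", "portal"]
        elif words[0] == "end":
            depth -= 1
            if depth == 0:
                in_section, current = False, None
        elif in_section and depth == 1:  # ignore nested blocks such as bookmarks
            if words[0] == "edit" and len(words) > 1:
                current = raw.split(None, 1)[1].strip().strip('"')
                portals[current] = None
            elif words[0] == "next":
                current = None
            elif words[:2] == ["set", "host-check"] and current and len(words) > 2:
                portals[current] = words[2]
    return portals


def portals_without_host_check(config_text):
    """Portals whose host-check is missing or 'none' (treated as unenforced)."""
    checks = portal_host_checks(config_text)
    return sorted(name for name, value in checks.items() if value in (None, "none"))
```

Calling portals_without_host_check(SAMPLE_CONFIG) returns the portals that still need the Step 6 setting applied.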
Reference: Keith Leroux