Setting up a VPN (Virtual Private Network) is essential for many companies that need to allow secure remote access to their corporate network. VPN SSL (Secure Sockets Layer) is one of the most popular options for this purpose, offering security and privacy for data traffic over the Internet.
O Fortigate is one of the most widely used network appliances for SSL VPN configuration, offering a variety of security and network management features. However, configuration can be a complex and challenging process for inexperienced users.
In this article we will explore step by step how to set up a VPN SSL on Fortigate, from creating the SSL certificate to configuring security policies. In doing so, we hope to provide readers with the information needed to successfully set up an SSL VPN on Fortigate and ensure the security of remote connections.
Summary
SSL VPN using web and tunnel mode
SSL VPN is a popular solution for securely connecting remote users to the corporate network. There are two SSL VPN connection modes: Web mode and Tunnel mode. In Web mode, the user accesses applications and services through a web browser without installing additional software. In Tunnel mode, the user uses client software to establish a VPN connection and access the network more fully. Both modes have advantages and disadvantages, and the choice depends on the specific needs of each organization.
Web mode is easier to use and can be accessed from any device with Internet access, while Tunnel mode offers greater security and control over the VPN connection. The right choice of connection mode is critical to ensure the security and efficiency of your corporate network.
Enable remote users to access the corporate network using service VPN SSL, connecting in web mode using a web browser or in tunnel mode using FortiClient. Web mode allows users to access network resources, such as the AdminPC used in this example.
For users connecting in tunnel mode, traffic to the Internet is also routed through FortiGate to apply security scanning to this traffic.
During the connection phase, the FortiGate will also check that the remote user's antivirus software is installed and up to date. This recipe is in the network collection FortiGate Basic. You can also use it as a stand-alone recipe.
How to Create VPN
Editing the SSL VPN portal
Under Enable Web Mode, create predefined bookmarks for any internal resources that VPN users need to access. In the example, the bookmark allows the remote user RDP access to a computer on the internal network.
Setting up the SSL VPN tunnel
