question

pingmemaybe avatar image
0 Likes"
pingmemaybe asked

How to allow traffic from SSL-VPN to Ipsec VPN?

Our external users are connecting through SSL-VPN. But they need to reach resources behind another FortiGate.
FortiOSIPsecSSL-VPN
10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

·
logographer avatar image
0 Likes"
logographer answered

This is a fairly common scenario, and is not too complicated. Essentially, you need a site-to-site VPN to connect your FortiGate to the other resource (assuming the other resource is being another FortiGate for ease of explanation). Then you need to user facing SSL-VPN portal for accessing the networks behind the FortiGate.

In other words:

User <--- SSL-VPN ---> FortiGate <--- IPsec VPN ---> FortiGate <--> internal resources.

Check out this document for more info how it is configured:

https://docs.fortinet.com/document/fortigate/6.4.7/administration-guide/45836/ssl-vpn-to-ipsec-vpn

10 |600
Toggle Comment visibility. Current Visibility: Viewable by all users

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Write an Answer

Hint: Notify or tag a user in this post by typing @username.

Up to 10 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

Welcome to FortiAnswers

FortiAnswers is the space dedicated to FortiSASE and FortiOS questions and suggestions.

  • Please review the Community guidelines
  • If you are a moderator, please refer to the Moderation guidelines
  • If something in the above guidelines is unclear, please post your question to the Community Feedback space or the Moderators' space