beautypg.com

Configuring ssl vpn settings – Fortinet FORTIOS V3.0 MR7 User Manual

Page 34

background image

FortiOS v3.0 MR7 SSL VPN User Guide

34

01-30007-0348-20080718

Configuring SSL VPN settings

Configuring a FortiGate SSL VPN

Configuring SSL VPN settings

You can configure and manage the FortiGate unit through a secure HTTP
(HTTPS) connection from any computer running a web browser. For information
about how to connect to the web-based manager, see “Connecting to the web-
based manager” in the

FortiGate Installation Guide

.

Refer to the

FortiGate Installation Guide

and

FortiGate Administration Guide

to

change the password, configure the interfaces of the FortiGate unit, and assign
basic operating parameters, including a default gateway.

There are basic administrative tasks common to all modes of operation that must
be completed first, regardless of the connection mode you select.

The VPN > SSL > Config page contains basic SSL VPN settings including idle-
timeout values and SSL encryption preferences for compatibility with various web
browsers. You may also optionally enable authentication through X.509 security
certificates (for more information about security certificates, see the

FortiGate

Certificate Management User Guide

).

In addition to setting these preferences on the VPN > SSL > Config page, you
may choose to modify the following system settings:

The FortiGate unit redirects web browsers to the web portal home page after
the remote client has been authenticated and the user has logged in
successfully. As an option, you can display a second HTML page in a popup
window for all members of a user group. For more information, see

“Redirecting a user group to a popup window” on page 40

.

You can customize the look of the web portal login page through replacement
messages. For more information, see

“Customizing the web portal login page”

on page 41

.

Enabling SSL VPN connections and editing SSL VPN settings

To enable SSL VPN connections and configure or edit SSL VPN settings, go to
VPN > SSL > Config and select Enable SSL-VPN. The FortiGate unit does not
accept web-only mode or tunnel-mode connections while SSL VPN operation is
disabled.

Note: As an alternative, you can connect the management computer to the Console
connector of the FortiGate unit directly using a serial cable and configure the FortiGate unit
through the Command Line Interface (CLI). The CLI can also be launched from within the
web-based manager. For more information, see “Connecting to the FortiGate console” in
the

FortiGate CLI Reference

.

See also other documents in the category Fortinet Hardware: