Configuring SSL VPN involves a number of configurations within FortiOS that you need to complete to make it all come together. This chapter describes the components required, and how and where to configure them to set up the FortiGate unit as an SSL VPN server. The configurations and steps are high level, to show you the procedures needed, and where to locate the options in FortiOS. For real-world examples, see Setup examples.
There are three or four key steps to configuring an SSL VPN tunnel. The first three in the points below are mandatory, while the others are optional. This chapter outlines these key steps as well as additional configurations for tighter security and monitoring.
The key steps are:
- Create user accounts and user groups for the remote clients.
(User accounts and groups)
- Create a web portal to define user access to network resources.
(Configuring SSL VPN web portals)
- Configure the security policies.
(Configuring security policies)
- For tunnel-mode operation, add routing to ensure that client tunnel-mode packets reach the SSL VPN interface.
(Routing in tunnel mode)
- Setup logging of SSL VPN activities.
(SSL VPN logs)
This section contains the following information: