Basic Configuration

Chapter 16 SSL VPN for FortiOS 5.0 : Basic Configuration

Basic Configuration

Configuring SSL VPN involves a number of configurations within FortiOS that you need to complete to make it all come together. This chapter describes the components required, and how and where to configure them to set up the FortiGate unit as an SSL VPN server. The configurations and steps are high level, to show you the procedures needed, and where in FortiOS they are located. For real-world examples, see the chapter, “Setup examples”.

There are three or four key steps to configuring an SSL VPN tunnel. The first three in the points below are mandatory, while the other is optional. This chapter will outline these four key steps, as well as additional configuration you can do for tighter security and monitoring.

The key steps are:

• Create user accounts and user groups for the remote clients.
(“User accounts and groups”)

• Create a web portal to define user access to network resources.
(“Configuring SSL VPN web portals”)

• Configure the security policies.
(“Configuring security policies”)

• For tunnel-mode operation, add routing to ensure that client tunnel-mode packets reach the SSL VPN interface.
(“Routing in tunnel mode”)

• Setup logging of SSL VPN activities.
(“SSL VPN logs”)