Creating security policies
Create an SSL VPN security policy with SSL VPN user authentication to allow SSL VPN traffic to enter the FortiGate unit. Create a normal security policy from ssl.root to wan1 to allow SSL VPN traffic to connect to the Internet.
1. Go to Policy & Objects > Policy > IPv4 and select Create New.
2. Complete the following:
Incoming Interface | wan1 |
Source Address | all |
Outgoing Interface | internal |
Destination Address | Head office server |
3. Select OK.
4. Add a security policy that allows remote SSL VPN users to connect to the Internet.
5. Select Create New.
6. Complete the following and select OK:
Incoming Interface | ssl.root |
Source Address | all |
Outgoing Interface | wan1 |
Destination Address | all |
Schedule | always |
Service | ALL |
Action | ACCEPT |