SSL VPN Realms
Go to VPN > SSL > Realms to create custom login pages for your SSL VPN users. Realms let you customize the SSL VPN login page and create multiple SSL VPN logins for different user groups.
In order to create a custom login page using the web-based manager, this feature must be enabled using Feature Select.
 
Before you begin, copy the default login page text to a separate text file for safe-keeping. Afterward, if needed, you can restore the text to the original version.
To configure SSL VPN Realms - web-based manager:
1. Configure a custom SSL VPN login by going to VPN > SSL > Realms and selecting Create New. Users access different portals depending on the URL they enter.
2. The first option in the custom login page is to enter the path of the custom URL.
This path is appended to the address of the FortiGate unit interface to which SSL VPN users connect. The actual path for the custom login page appears beside the URL path field.
3. You can also limit the number of users that can access the custom login at any given time.
4. You can use HTML code to customize the appearance of the login page.
5. After adding the custom login, you must associate it with the users that will access the custom login. Do this by going to VPN > SSL > Settings and adding a rule to the Authentication/Portal Mapping section.
6. Under Authentication/Portal Mapping, click Create New and select the user group(s) and the associated Realm.
To configure SSL VPN Realms - CLI:
config vpn ssl web realm
    edit <url-path>
        set login-page <content_str>
        set max-concurrent-user <int>
        set virtual-host <hostname_str>
    next
end
Where the following variables are set:
| Variable | Description | Default |
| --- | --- | --- |
| edit <url-path> | Enter the URL path to access the SSL-VPN login page. Do not include “http://”. | No default. |
| login-page <content_str> | Enter replacement HTML for SSL-VPN login page. | No default. |
| max-concurrent-user <int> | Enter the maximum number of concurrent users allowed. Range 0-65535. 0 means unlimited. | 0 |
| virtual-host <hostname_str> | Enter the virtual host name for this realm. Optional. Maximum length 255 characters. | No default. |
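
The following is an added example, not part of the original guide or Fortinet's own tooling: a Python check that reads a configuration backup and reports realms that have no Authentication/Portal Mapping rule or no concurrent-user limit. The sample backup is constructed, and the `config authentication-rule` syntax, the function names, and the treatment of an omitted `max-concurrent-user` as the default 0 are assumptions not shown on this page.

```python
# Constructed sample backup; the authentication-rule syntax is assumed, not from the page.
SAMPLE = '''
config vpn ssl web realm
    edit "staff"
        set max-concurrent-user 50
    next
    edit "partners"
    next
end
config vpn ssl settings
    config authentication-rule
        edit 1
            set groups "staff-grp"
            set portal "full-access"
            set realm "staff"
        next
    end
end
'''

def parse_entries(text):
    """Map each config path to its edit entries and their 'set' values."""
    stack, entry, tables = [], None, {}
    for line in text.splitlines():
        tok = [t.strip('"') for t in line.split()] or [""]
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            stack.pop()
        elif tok[0] == "edit" and len(tok) > 1:
            entry = tables.setdefault(" > ".join(stack), {}).setdefault(tok[1], {})
        elif tok[0] == "next":
            entry = None
        elif tok[0] == "set" and entry is not None and len(tok) > 2:
            entry[tok[1]] = " ".join(tok[2:])
    return tables

def audit_realms(text):
    """Return (realm, issue) pairs for unmapped or unlimited realms."""
    tables = parse_entries(text)
    rules = tables.get("vpn ssl settings > authentication-rule", {})
    mapped = {rule.get("realm") for rule in rules.values()}
    findings = []
    for name, cfg in tables.get("vpn ssl web realm", {}).items():
        if name not in mapped:
            findings.append((name, "no portal mapping rule"))
        if int(cfg.get("max-concurrent-user", "0")) == 0:  # 0 means unlimited
            findings.append((name, "unlimited concurrent users"))
    return findings
```

Calling `audit_realms()` on the text of a backup returns a list of findings; an empty list means every realm is mapped to a user group and has a concurrent-user cap.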