FortiGate SSL VPN User Guide (Chinese)
Contents
1. share Welcome to SSL VPN Service Current Directory TD size 7 Dot MSRDPCLI EXE 3509 KB File Tue Dec 12 04 28 34 2006 Fri Oct 6 02 06 10 2006 test a Thu Feb 8 08 15 40 2007 test zip zip i Thu Nov 16 05 57 09 2006 Up 9 FTP SMB CIFS SMB 1 22. 3 OK 4 TP 5 IP ssl vpn FortiGate FortiGate web Active X ActiveX ssl vpn A D web Active X ActiveX ssl vpn FortiGate ssl vpn
3. FortiNet ssl vpn FortiGate ssl vpn SSL VPN web telnet FortiGate web FortiGate web url ip SA web telnet ul ip e web Chttp https HTML web e Telnet TCP IP
4. FortiGate FortiGate web FortiGate SSL web 128 gt 128bit GRA web SSL gt 128bit 128 HKE web SSL gt 64bit 64 64 10 28800 SSL
5. H AREA A VPN gt IPSEC gt D 1 nas 000A EAN A O VPN Central_office 1 o wt Config sys global Set ips open enable end CLIMA A Config firewall policy edit id_integer set http _retry_count lt retry_interer gt set natip lt address_ipv4mask gt end FortiGate O O FED EHEH lt HTML gt lt HEAD gt lt TITLE gt Firewall Authentication lt TITLE gt lt HEAD gt lt BODY gt lt H4 gt You must authenticate to use this service lt H4 gt Welcome lt address_ipv4 gt FortiGate Fortinet http doc forticare com Fortinet Fortinet FortiGate Fortinet FortiGate FortiGate FortiGate
6. RADIUS LDAP PKI FortiGate FortiGate 1 gt User_1 ssl vpn LDAP LDAP LDAP RADIUS RADIUS RADIUS 2 Fatt OK 8 1 gt New User Group Name SSL YPN Type Available Users Groups Members Local Users 4DUser LocalUser RadiusUser SSLUser Users on RAD US LDAP TACA
7. FTP RDP SMB Telnet VNC Web SSH e ssl vpn ssl vpn ssl vpn ssl vpn ssl vpn ssl vpn ssl vpn ssl vpn gt ssl vpn ssl vpn ssl vpn ssl vpn 9 C Enable Cache Clean M Bookmarks User Groupl x Redirect URL Customize portal message for this group ssl vpn os ssl vpn os os ssl vpn windows
8. windows HTML window e web web ssl vpn ssl vpn VPN gt ss1 gt ssl vpn ssl vpn FortiGate ssl vpn web 2 ssl vpn SSL YPN Settings M Enable SSL VPN Tunnel IP Range 0 0 0 0 0 0 0 0 Server Certificate Require Client Certificate I Encryption Key Algorithm High AES 128 256 bits and 3DES Default RC4 128 bits and higher C Low RC4 64 bits DES and higher Idle Timeout 300 seconds Portal Message Y Advanced DNS and WINS Servers DNS Server 1 Po DNS Server 2 Po WINS Server 1 WINS Server 2 SSL VPN SSL VPN IP SSL VPN IP IP IP
9. 7 ssl vpn 8 VPN gt SSL gt IP IP ee SS ssl vpn IP IP 9 web only web web FortiGate 10 e 4 FortiClient Av e FortiClient Fw e AV o
10. url ip ping FortiGate web web web url al W http www mywebexample com https 172 20 120 101 2 FortiGate url http lt FG_IP_address gt lt port_no gt proxy http lt specified_url 3 Ping FortiGate 1 ping IP 192 168 12 22 2 IP telnet 1 Telnet telnet IP 192 168 5 238 2 A FortiGate FortiGate web
11. FortiGate 5 ssl vpn 1 amp gt gt 2 e ssl vpn e ssl vpn e ssl vpn 3 ssl von 1 amp gt 2 Type Memory View 30 per page Line fi fo HE Raw Clear All Filters ssl vpn ssl vpn IP 3 vpn gt ss1 gt 3 web
12. Fortinet http support fortinet com Fortinet Bc FortiGate SSL VPN SSL IPSec VPN SSL VPN e SSL IPSec VPN e SSL VPN o o SSL VPN CHHIKA SSL VPN 0 e SSL VPN o SSL VPN o SSL VPN e SSL VPN 0S o SSL VPN e SSL VPN ssl root o SSL VPN SSL IPSec VPN SSL IPSec VPN VPN
13. TP IP 1 2 2 ssl vpn IP 3 IP 4 IP IP 172 16 10 0 24 IP IP 0 0 0 0 0 0 0 0 o A ike IP 172 16 10 2 32 i IP P 172 16 10 f4 5 5 CFA 6 Fic OK New Address Address Name SSL_Tunnel_Host Type Subnet IP Range Subnet IP Range 0 0 0 0 0 0 0 0 Interface Any IP Hebe 1 gt 2
14. url X http test org index html FortiGate http lt sslvpn_host port gt proxy http Z lt encrypted hex value gt index html FTP SMB 16 Ei cli config vpn ssl setting url obscuration web 20 My Bookmarks Bookmark MyWebBookmark http www mywebexample com MyTelnetBookmark telnet 10 10 10 10 wy FIP MyF TPBookmark FTP 10 10 10 10 g w SMB CIFS MySMBCIFSBookmark SMB CIFS 10 10 10 10 share af w VNC My NCBookmark yner 10 10 10 10 a g w RDP FortiGat
15. Fortinet SSL YPN Client 1 0 Link Status Bytes Sent Bytes Received J Down jo jo Fortinet SSL VPN client offline 2 RAT HERE o 23 Fortinet SSI VPN Client 1 Link Status Bytes Sent aytes Rese ved pe 3221 232 Install Uninszall Connect Disconnezt Refresh naw Furt eLss vPN dient connecter Lu server SS Fortinet ssl vpn HP ERIKA at EAEE MIER RAHE FortiGate FortiGate FortiGate ssl vpn FortiGate web FortiGate i ActiveX Java 1 ActiveX Java FARE PERE RERED TRAP BEIEHDAR Act iveX Java FARE FortiGate ActiveX Java 1 web ssl vpn 2 MR web ERA
16. FortiGate web 7 8 Telnet telnet Connect to 10 10 10 10 Disconnect 9 exit TELNET FTP FTP 1 2 3 FTPt 4 IP FTP IP 10 10 10 10 New Bookmark Title wyFTPBookmark pplication Type FTP X f 10 10 10 10 Shared File Folder OK Cancel 5 OK 6 FTP 7 A Login Microsoft Internet Explorer Login to FTP server in lab User Name I Password Login 8
17. ip CAN 10 ssl vpn at external external user2 public ip a user1 public ip 198 168 182 64 Ng 192 168 192 54 A Internet 192 68 182 0 24 g 2 ForriGare 192 168 182 154 10 158 0 0 24 internal internal windows pc linux server 10 158 0 10 10 158 0 7 ssl vpn IP SA ssl vpn IP HEA vpn gt ssl JAZ ssl vpn IP IP 11 ssl vpn IP 10 1 1 1 10 1 1 100 SSL VPN Settings MV Enable SSL VPN Tunnel IP Range 10 1 1 1 20 1 1 100 Server Certificate Self Signed Require Client Certificate I Encryption Key Algorithm c High 4ES 128 256 bits and 3DES Default RC4 128 bits and higher C Low RC4 64 bits DES and higher Idle Timeout 300 seconds P
18. IP W subnet 2 3 ITP IP 192 168 22 0 192 168 22 2 IP 192 168 22 10 25 4 5 OK 1 gt FortiGate external IP FortiGate internal FortiGate IP subnet 2 ssl 3 OK eo LB ssl vpn ssl vpr o
19. SMB 10 10 10 10 Title MyRDPBookmark Application Type Host Name IP 10 10 10 10 m en us 5 OK 6 RDP A ar FortiGate FortiGate web https 77172 20 120 128 10443 RDP Mozilla Firefox E Launching RDP s2ssion Connecting to 10 10 10 10 8 Log On to Windows Copyright 1985 2001 Microsoft Corporation User name user Password Log on to FORTICLIENT Bee FE 9 s 10 RDP SSH SSH 1 2 3 SSH 4 IP
20. o FTP e SMB CIFS SMB KHE e VNC e RDP e SSH gt windows SMB CIFS URLES FortiGate HITP HTTPS FortiGate AES 128 hex 2Z
21. ssl root ssl root i FortiGate ssl vpn e external gt internal ss1 ssl HPA e ssl root gt internal Accept e internal gt ssl root Accept e lt ssl gt ss1 root ss1 vpn e ssl root gt external Accept NAT gt wanl internal sslvpn ssl ssl root ip internal accept internal ssl root ssl
22. web HTML HTML 1 gt gt 2 ssl vpn ssl vpn 3 HTML FortiGate 4 sic OK ssl vpn web FortiGate RADIUS LDAP FortiGate RADIUS LDAP PKI RADIUS LDAP Hk FortiGate RADIUS BK LDAP
23. 3 SMB CIFS 4 SMB IP 10 10 10 10 share Title MySMBCIFSBookmark Application Type SMB CIFS i f 10 10 10 10 share Shared File Folder 5 OK 6 SMB CIFS 7 loj xi Login to MySMBCIFSBookmark UserName Password Eoejis https 172 20 120 128 10443 Login Mozilla Firefox 8 share Welcome to SSL VPN Service Current Directory MSRDPCLI EXE 3509 KB File Tue Dec 12 04 28 34 2006 test Folder Fri Oct 6 02 06 10 2006 test directory Folder Thu Feb 8 08 15 40 2007 test zip zip 121 MB File Thu Nov 16 05 57 09 2006 e
24. e e e e e e Up 9 SMB CIFS VNC VNC 1 2 3 VNC 4 SMB TP 10 10 10 10 Title MyVNCBookmark Application Type VNC Host Name IP 10 10 10 10 5 OK 6 VNC T ht
25. SSL VPN web web FortiGate SSL VPN web SSL VPN e FortiGate SSL VPN e web web ActiveX VPN e IP IP cok T gt ge Aia e BHC OF
26. web o FortiGate e web e web e e e e o ActiveX java e 3 ActiveX java e URES FortiGate web FortiGate FortiGate url FortiGate URL x 509 FortiGate web FortiGate FortiGate HTTP web FortiGate WHY URL Hlan https lt FortiGate_IP_address gt 10443 remote 2 FortiGate 3 FortiGate FortiGate
27. PKI ssl vpn ssl e e gt 164 164bit e gt 128 128bit e o RADIUS RADIUS o LDAP LDAP e RADIUS LDAP RADIUS LDAP ssl vpn
28. FortiGate MA IP IP web only IP 1 2 IP subnet_1 3 IP 4 IP IP 172 16 10 0 24 P CSa RAMADERIA RWE BREMA IP hE t 172 16 10 2 32 IP IP 172 16 10 4 5 5 OK web only 1 2 FortiGate FortiGate dmz IP subnet 1 ssl
29. FortiGate web IE Mozilla Foundation Firefox Mac0S Linux FortiGate HTTPS HTTP FortiGate web web ssl vpn ActiveX Bk Java web ssl FortiGate VPN FortiGate IP IP FortiGate FortiGate ssl vpn FortiGate e windows2000 XP 2003 vista 32 64bit
30. o WE IP o ssl e T gt Da NERF EROE DEN ssl vpn ssl vpn ACCEPT e e e Aci ssl vpn e ssl vpn web IP web only o web only e TP FortiGate P IP o FortiGate IP FortiGate o IP
31. FortiGate FortiGate Ka VPN FortiGate FortiGate HTML web FortiGate CLI FortiGate CLI FortiGateCLI 4 Fortinet Knowledge Center Fortinet FortiGate FortiGate FortiGate Oo WW mi Y N FortiGate HA FortiGate FortiGate FortiGate IPS FortiGate FortiGate IPS FortiGate PSec VPN web IPSec VPN FortiG
32. web Telnet FTP SMB CIFS VNC RDP SSH URL HA FortiGate Web web url www fortinet com Telnet Telnet IP 10 10 10 10 FTP FTP IP server folder SMB CIFS SMB IP server folder VNC 10 10 10 10 RDP RDP IP 10 10 10 10 SSH SSH TP 10 10 10 10 e ssl vpn o ssl vpn e ssl vpn e Ac ssl vpn e ssl vpn e ssl vpn ssl vpn ssl vpn vpn gt ss1 gt 7
33. Mac0S Linux ssl vpn CLI set sslvpn os check ssl vpn OS disable enable config sslvpn os check lish 0S set sslvpn os check windows 2000 windows xp set action allow check up to date deny e allow e checkup to date latest patch level 5 tolerence e deny os MAA RV RAS set sslvpn os check check up to date set latest patch level windows2000 BRU KE disable 0 255 4 Xf windows xp 2 action enable Set latest patch level tolerance tolerance num WA tolerance
34. Fortigate x 509 1 3 VPN gt ss1 gt ssl vpn CA FortiGate ssl FortiGate web web FortiGate ssl 1 VPN gt SSL gt 2 o web 128bit RC4 128bit o web ssl AES 128 256bit 3DES 128bit
35. o web ssl RC4 64bit DES web 64bit 3 300 1 VPN gt SSL gt 2 10 28800 3 gt SS 1500 CLI te RI ERE 1800 config vpn ssl settings set auth timeout 1800 end web web 31 1 BEA SSLOVPND gt ACE o 2 3 ss o WINS
36. ssl root 4 IP KIIRE o 5 IP ssl vpn FortiGate ssl vpn FortiGate ssl vpn 1 amp gt gt 2 e FortiAnalyzer e FortiGate e syslog FortiGate web trend cli FortiGate CLI 3 4
37. Group Name Bookmarks User Groupi TelnetBookmark WebHome P WebOnly WebHome m Pi e ssl vpn e ssl vpn e ssl vpn e HMA ssl vpn e ssl vpn e HE ssl vpn ssl vpn vpn gt ss1 gt 8 Name Available Bookmarks New Bookmark Group Used Bookmarks mm os e FTPBookmark 172 20 120 103 myfolder RDP anes DP SMB SMB Q Telnet Telnet VNC TelnetBookmark 198 168 5 238 Web ae VAC SSH Examp eBookmark www example com SH e ssl vpn
38. 3 4 telnet 5 exit ssh FortiGate ssl vpn web Fortinet ssl vpn ssl vpn ssl vpn FortiGate ssl vpn 22 Fortinet ssl vpn 1 0 elcome to SSL VPN Service Fortinet SSL VPN Client 1 0 fs Link Status Bytes Sent Bytes Received up 3221 232 Install Uninstall Connect Disconnect Refresh now Fortinet SSL YPN client connected to server ssl vpn e ssl vpn FortiGate CUp e Down FortiGate fo
39. FortiGate 21 Title Application Type URL e Web e Telnet e FTP e SMB CIFS e VNC e RDP SSH URL IP FortiGate Web web url http www google com http 172 20 120 101 Telnet telnet IP 10 10 10 10 FTP FTP IP 10 10 10 10 share SMB CIFS SMB IP 10 10 10 10 share RDP RDP IP 10 10 10 10 VNC VNC IP Hehe CA 10 10 10 10 SSH SSH
40. FortiClient ActiveX Java ssl vpn A ND ss1 vpn windows ActiveX Java 1 Windows XP SP2 Norton Symantec McAfee Rl AV Z H HA Norton Internet Security 2006 Trend Micro PC cillin McAfee Sophos Anti virus Panda Platinum 2006 Internet Security F Secure Secure Resolutions Cat Computer Servies A
41. accept lt ssl gt ssl root FortiGate ssl root ssl wanl all accept NAT ss vpn ssl root ssl wanl vpn ipsec vpn lt vpn 1 gt ssl vpn ERE 4 FortiGate sslvpn sslvpn web sslvpn wan Fortigate 3 4MR4 os cli config vpn ssl settings set route source interface enable end A cli Forti0S 3 OMR4 web
42. web 4 Please Login Password LOGIN 5 FortiGate web FortiGate ssl vpn Web FortiGate ssl vpn 19 FortiGate ssl vpn web Welcome to SSL VPN Service Activate SSL VPN Tunnel Mode SSL YPN Session Info Login Name testuser 0 hour s 2 minute s 16 second s HTTP Inbound Outbsund Traffic 0 bytes 0 bytes HTTPS Inbound Outs0und Traffic 0 bytes 0 bytes Pre defined Bookmarks l U My Bookmarks Adc Bookmark Connect to Web Server Test for Reachability Ping OE Telnet to Host VNC to Host L RDP to Host web only
43. smart card 45 biometric SSL web Fortinet web IPSec VPN VPN SSL IPSec VPN SSL VPN IPSec SSL IPSecVPN IPSec VPN SSL VPN web Was Internet Explore Netscape Mozilla Firefox Telnet RDP Sun Java
44. FortiGate ssl TP Hk Bw ssl ip FortiGate FortiGate e E ssl vpn FortiGate IP o IP FortiGate JP FortiGate IP o IP IP IP IP IP e Wwe ssl e Opa NRR FA HE ssl web only FortiGate web only
45. FortiGate FortiGate SSL VPN web SSL FortiGate web SSL VPN SSL FortiGate SSL VPN ActiveX web SSL VPN SSL FortiGate VPN E SSL VPN SSL VPN SSL VPN
46. IP 10 10 10 10 ZRIN HTTP Z HTTPS web I 2 3 web 4 URL web url Chon http www mywebexample com https 172 20 120 101 Title Application Type URL MyWebBookmark _ Web 5 OK 6 web FortiGate WEN http lt FG_IP_address gt lt port_no gt proxy http lt 7 J URL gt H Hk URL 7 telnet telnet 1 2 3 Telnet 4 IP Telnet IP 10 10 10 10 Title MyTeInetBookmark Application Type Host Name IP 10 10 10 10 5 OK 6 telnet e iw FortiGate
47. Login Name dgiroux 0 hour s 2 minute s 16 second s HTTP Inbound Outbound Traffic 0 bytes 0 bytes HTTPS Inbound Outbound Traffic O bytes 0 bytes 2 FortiGate Fortinet ssl vpn lt gt windows xp Pack2 ActiveX Java Fortinet ssl vpn 1 0 Fortinet SSL YPN Client 1 0 Link Status ServerIP Bytes Sent Bytes Received Down i72 20 120 122 104 jo jo Fortinet SSL VPN client driver not installed 3 FortiGate vpn ssl vpn FortiGate IP TCP Fortinet ssl vpn IP 1 web ssl vpn Activate SSL VPN Tunnel Mode SSL YPN Session Info Login Name dgiroux 0 hour s 2 minute s 16 second s HTTP Inbound Outbound Traffic 0 bytes 0 bytes HTTPS Inbound Outbound Traffic O bytes 0 bytes FT JF Fortinet ssl vpn gt
48. Name group2 Type SSL VPN Available Users Groups Members Local Users a Local Users userl user2 Users on RADIUS LDAP servers Users on RADIUS LDAP servers PKI Users PKI Users vy SSL VPN User Group Options IV Enable SSL VPN Tunnel Service M Allow Split Tunneling Restrict tunnel IP range for this group 10 1 1 51 10 1 1 100 FortiGate IP FortiGate Linux windows PC IP 14 IP Edit Address Address Name fuser1 public ip Type Subnet IP Range z Subnet IP Range 192 168 182 54 255 255 255 2 Interface Any New Address Address Name fuser2 public ip Type Subnet IP Range Subnet IP Range 192 160 102 64 255 255 255 2 Interface Any 15 Linux windows PC New Address Address Name flinux ser
49. ssl vpn ssl vpn FortiGate ssl vpn vpn gt ss1 gt ssl vpn 5 Bookmark Name Link wy Web WebHome http www fortinet com Pi w Telnet TelnetBookmark telnet 198 168 5 238 m Fi url e ssl vpn o ssl vpn e ssl vpn e ssl vpn e ssl vpn e ssl vpn ssl1 von vpn gt ss1 gt 6 New Bookmark Bookmark Name Application Type Web URL wwwforinetcm
50. vpn ssl HP EP IE PKI ssl vpn ssl e e gt 164 164bit e gt 128 128bit e o RADIUS RADIUS o LDAP LDAP e RADIUS LDAP RADIUS LDAP ssl vpn
51. SSL VPN FortiGate FortiGate web only KA DAS oA wim oc EE he FA PS OVE Ta ZT ALP imi EL windows FortiGate cookies ssl vpn Web only Web only web web only s
52. USER GUIDE FortiOS V 3 0 MR7 SSL VPN HP EH FHH KR INET www fortinet com FortiGate SSL SSL Secure Sockets Layer VPN Fortinet e FortiGate SSL VPN o e FortiGate e e FortiGate SSL VPN FortiGate SSL VPN web web FortiGate SSL VPN FortiGate SSL VPN soho FortiGate SSL VPN NAT e Web only web e FortiGate SSL VPN web only
53. ssh IP 192 168 1 3 Title SSH Bookmark Application Type SSH M Host Name IP 192 168 1 3 Cancel 5 OK 6 ssh 3 FortiGate FortiGate web su 7 oe 8 ssh 1 Connect Connect to 1192 168 1 3 Applet SshApplet started 172 20 120 128 10443 SSH User Authentication Please enter SSH username and password User Narre admin Password ok Cancel 9 Sch eRe exit ssh web telnet
54. DNS 1 2 3 4 A AY LYRE ss1 vpn WINS DNS SSL gt VPN gt DNS IP WINS IP FortiGate web web web web FortiGate internet ssl vpn 1 HEA FOAL a 2 ssl vpn 3 ss1 vpn 4 url url 5 OK web HTML web
55. RRP Sun Java 1 4 Java applet JavaScript cookie A SA web ssl FortiCate CLI ssl v2 FortiGate web SSL web 64bit MEKE Internet web web ssl vpn ssl vpn ssl vpn i web FortiGate HTTPS FortiGate ssl vpn
56. only No User Source IP Begin Time Description 1 User_1 172 20 120 20 Tue 4ug 2 21 10 41 2005 Subsession Web Application FTP No IP FortiGate IP FortiGate IP 4 No User Source IP Begin Time Description al User_4 172 20 120 20 Tue Aug 23 10 26 34 2005 Subsession Web Application TELNET 10 10 10 10 Subsession Tunnel IP 10 10 254 1 i ssl vpn web only FortiGate web url Tp
57. ActiveX CIE Java Mozilla Firefox IPSec VPN IPSec IPSec VPN SSL VPN web only web SSL VPN Internet SSL VPN FortiGate HA IPSec VPN HA IPSec VPN SSL VPN SSL VPN FortiGate cookie SSL VPN SSL VPN SSL VPN FortiGate
58. Macos X vl0 3 9 vl0 4 Tiger v10 5 leopard Linux Distributions RedHat Fedora Ubuntu Debian Suse o IE6 0 JAB T Active X Java FAM Mozilla Foundation Firefox 1 5 gt WINDOWS SSL VPN SSL VPN SSL VPN gt IP ISP ISP FortiGate FortiGate FortiGate IP 1 FortiGate FortiGate_1 Subnet_1 Subnet 2 1 SSL VPN Subnet_1 6 1Z235155 T00724 Remote client HTTP HTTPS 1216102 wan1 Telnet 172 16 10 3 dmz FortiGate_1 W2Z2AG 1IOM fi internal 192 168 22 1 FTP 172 16 10 4 SMB CIFS W7ZAGAGS Subnet_2 192
59. X509 IPSec VPN site to site IPSec VPN SSL VPN SSL VPN IPSec VPN web IPSec web IPSec IP VPN SSL web web IP web web HTTP IPSec
60. 168 22 0 24 subnet_1 FortiGate_l e SSL VPN web only web AL o FortiGate IP o IP 172 16 10 0 24 o ssl vpn VPN subnet_1 subnet 2 IP 192 168 22 0 24 subnet_2 e FortiGate NAT IP e ISP FortiGate IP e web web only e HTTP HTTPS telnet ssh ft
61. CHAH GEH Logout web Logout
62. CS servers NewRADIUS RADIUS _10 ServerR4DIUS TESTRADIUS KI Local Users Users on RADIUS LDAP TACACS servers PKI Users 14 Y SSL VPN Use Group Options J Enable SSL VPN Tunnel Service Allow Split Tunneling Restrict tunnel IP range for this group J Enable Web Application HTTP ATTPS Proxy FTP SSH Host Check C Check FortiClient Av Installed and Running Telnet applet SMB CIFS C Check FortiClient Fw Installed and Running C Check for Third Party AY Software C Check for Third Party Firewall Software C Require Virtual Desktop Connection _ Enable Cache Clean O Bookmarks Us er Groupl VNC RDP Redirect URL Customize partal message for this group ok Cancel 2 web only group 3 SSL VPN 4 5 ssl vpn 6 FortiGate SSL VPN SSL VPN web only
63. Fortigate_ip_address gt FortiGate IP Hohe SA 443 web 443 web FortiGate L gt gt 2 ssl vpn 3 IP VPN gt ss1 gt IP ssl vpn IP FortiGate ssl vpn FortiGate IP Hoh Za FortiGate ssl vpn aw Lux IP HEHE AN BES CA He AEM eA IP 10 254 254 0 24 IP 1 VPN gt ss1 gt 2 IP IP 10 254 254 80 10 254 254 100 3
64. HTTPS FortiGate web FortiGate web JA gt a PASAR TT DUE FA es ORZ EELER Fortigate FortiGate web CLI FortiGate CLI FortiGate Zan Ze He O No BM FortiGate FortiGate RA AHS EAP PARE OC FortiGate VPN gt ss1 gt ssl vpn web ssl x 509 VPN gt ss1 gt o FortiGate web web
65. VPN web web DNS WINS DNS 1 DNS DNS 2 WINS 1 WINS WINS 2 SA P web IP 0 0 0 0 IP FortiGate web HTTPS web TCP 10443 url web https lt Fortigate_ip_address gt 10443 remote lt
66. ate SSL VPN Xf FortiGate IPSec VPN 49 FortiGate SSL VPN web SSL VPN FortiGate PPTP VPN web PPTP VPN CA FortiGate VLAN VDOM NAT VLAN VDOM Fortinet Fortinet Fortinet www fortinet com Fortinet FAQ Fortinet Fortinet techdoc fortinet com BE RS BOAR SCE Fortinet Fortinet
67. hnLab Kaspersky ZoneAlarm MMR RMR KKK KK em ma ZO 11 JAS FortiGate ssl vpn web sll vpn 12 MAY ssl vpn 13 web FortiGate HTML URL urle 14 web vpn gt ss1 gt 15 OK web ssl vpn TP
68. ortal Message gt Advanced DNS and WINS Servers JAS ssl vpn ssl vpn gt userl user2 gt userl linux user2 windows pc ssl vpn IP gt groupl X ssl vpn HPH H useri IP 10 1 1 1 10 1 1 50 12 groupl Name group1 Type SSL VPN Available Users Groups Members Local Users 3 Local Users user2 useri Users on RADIUS LDAP servers A Users on RADIUS LDAP servers PKI Users PKI Users v SSL VPN User Group Options IV Cnable SSL VPN Tunnel Service Allow Split Tunneling Restrict tunnel IP range for ths group 10 1 11 fi01150 o _ group2 ssl vpn user2 10 1 1 51 10 1 1 100 IP 13 group2
69. p smb cifs vne RDP FortiGate FortiGate FortiGate SSL VPN 1 SSL VPN ssl vpn 2 x 509 CA FortiGate 3 FortiGate ssl vpn 4 e web only web o 5 ssl vpn 6 ssl vpn ssl vpn web HTTP
70. rictive Cipher Strengtr Any v User Authentication Method Any ov Available Groups Allowed gt ssl vpn 18 Y Stews Y wow Source Tv Destination Y Schedule Y Service Y Profle Y Acton w external gt internal 2 jd 2 usert public ip linux server always 9 ANY savn at FS 3 userz public ip windows nc always ANY SSL VPN EPEE internal gt external 1 Vv 1 eall eall always ANY ACCEPT az Aa NS we eG Ab kE ssl vpn DENY ssl von IP Edit Address Address Name SSL_VPNI Type Subnet IP Range z Subnet IP Range 10 1 1 1 100 Interface Any re v Column Settings Y Status Y ID Y Source VY Destination Y Schedule Y Service Y Profile Y action w external gt internal 4 al 2 uscri public ip linux scerver always ANY SSL VPN im Pi FA M 7 user2 public ip windows pc always o ANY SSL VPN A laf HA M 3 SSL YPN all always ANY on gaa M 4 Joal o all always ANY AccEPT A g Bg ssl vpn ssl root ssl vpn ss1 vdom_name ipsec ZEAE vdom ssl root ssl root
71. rtiGate FortiGate ssl vpn ENZ EN Active X Java Ut TPE Fee FortiGate Fortinet ssl vpn ActiveX Java ActiveX Java FortiGate ssl vpn FortiGate vpn FortiGate web Fortinet ssl vpn ActiveX Java web ssl vpn FortiGate vpn eo lt web ActiveX Java ActiveX Java ActiveX Java l web ssl vpn Activate SSL VPN Tunnel Mode SSL YPN Session Info
72. sl sun Java BEY web Forti0S SSL VPN web only SSL FortiGate web HTTP HTTPS Telnet FTP SMB CIFS VNC RDP 4y SSH web only FortiGate HTTP HTTPS FortiGate web web FortiGate FortiGate web SSL VPN SSL web e Windows 2000 xp 2003 vista Linux MacOS X UNIX e Internet Explorer 6 0 Netscape Navigator 7 0 AS Mozilla Foundation Firefox BK Apple Safaril 3 o Telnet
73. tps 77172 20 120 128 10443 YNC Mozilla Fir f VNC Server Port fi 0 10 10 10 User Name usemame Password pa 8 0K 9 VNC RDP RDP Sis SA RDP RDP Host e yourserver com m fr fr windows windows windows window tr e ar o da e de e en bg e en us o es e fi e fr e fr be o hr o it e ja o it HE o 1v e mk Iie o no o pl o pt e pt br e ru e sl e sv e tk EESK e tr EHHH 1 2 3 RDP 4
74. ver Type Subnet IP Range z Subnet IP Range 10 159 0 7 255 255 255 255 Interface Any 0K C cancel New Address Address Name windows pe Type Subnet IP Range Subnet IP Range 10 158 0 10 255 255 255 255 Interface Any E gt userl ssl vpn groupl 16 userl Source Interface Zone external z Source Address userl Public ip Multiple Destination Interface Zone internal z Destination Address fi linux server Multiple Schedule aways o COS Service AN 5 Multiple Action SSL VPN SSL Client Certificate Restrictive Cipher Strength Any s User Authentication Method Any Available Groups Allowed Q Pe i user2 ssl vpn group2 17 user2 Source Interface Zone external Source Address user2 public ip z Multiple Destination Interface Zone internal z Destination Address windows pe x Multiple Schedule aE Service AN x Multiple Action SSL VPN SSL Client Certificate Rest
75. windows2000 windows xp 0 action check up to date 2 Clatest patch level WE tolerance windows2000 windows xp vpn config vpn ssl settings set sslvpn enable enable set tunnel endip 10 1 1 10 set tunnel startip 10 1 1 1 end config user group edit gl set group type sslvpn set sslvpn tunnel enable set sslvpn tunnel startip 10 1 1 1 set sslvpn tunnel endip 10 1 1 10 set sslvpn webapp enable set sslvpn os check enable config sslvpn os check list windows 2000 set action check up to date set latest patch level 3 set tolerance 1 end config sslvpn os check list windows xp set action allow end set member ul set sslvpn split tunneling enable set sslvpn http enable next end config firewall policy edit 1 set srcintf internal set dstintf external set srcaddr all set dstaddr 172 18 8 0 24 set action ssl vpn set schedule always set service ANY set groups gl next end ssl vpn IP AY ip
Download Pdf Manuals
Related Search