Network Router User Manual
Table Of Contents
- Contents
- Introduction
- Configuring a FortiGate SSL VPN
- Comparison of SSL and IPSec VPN technology
- SSL VPN modes of operation
- Topology
- Configuration overview
- Configuring the SSL VPN client
- Configuring SSL VPN settings
- Enabling SSL VPN connections and editing SSL VPN settings
- Specifying a port number for web portal connections
- Specifying an IP address range for tunnel-mode clients
- Enabling strong authentication through security certificates
- Specifying the cipher suite for SSL negotiations
- Setting the idle timeout setting
- Setting the client authentication timeout setting
- Adding a custom caption to the web portal home page
- Adding WINS and DNS services for clients
- Redirecting a user group to a popup window
- Customizing the web portal login page
- Configuring user accounts and SSL VPN user groups
- Configuring firewall policies
- Configuring SSL VPN event-logging
- Monitoring active SSL VPN sessions
- Configuring SSL VPN bookmarks and bookmark groups
- SSL VPN host OS patch check
- Granting unique access permissions for SSL VPN tunnel user groups
- SSL VPN virtual interface (ssl.root)
- SSL VPN dropping connections
- Working with the web portal
- Index
Working with the web portal Tunnel-mode features
FortiOS v3.0 MR7 SSL VPN User Guide
01-30007-0348-20080718 81
Figure 25: Fortinet SSL VPN Client 1.0 page (tunnel mode)
Working with the ActiveX/Java Platform plug-in
The ActiveX/Java Platform plug-ins provide the software that your client computer
needs to establish an SSL VPN tunnel with the FortiGate unit. You have to
download the ActiveX/Java Platform plugin from the FortiGate unit and install the
plugin on your client computer before your computer can establish a VPN tunnel
with the FortiGate unit. Controls for downloading and installing the ActiveX/Java
Platform plug-ins are displayed in the Fortinet SSL VPN Client area of the web
portal.
You only have to install the ActiveX/Java Platform plug-ins once. Afterward, you
can use the SSL VPN client software to initiate a VPN tunnel with the FortiGate
unit whenever you access the web portal.
Link Status The state of the SSL VPN tunnel:
• Up is displayed when an SSL VPN tunnel with the FortiGate
unit has been established.
• Down is displayed when a tunnel connection has not been
initiated.
Bytes Sent The number of bytes of data transmitted from the client to the
FortiGate unit since the tunnel was established.
Bytes Received The number of bytes of data received by the client from the
FortiGate unit since the tunnel was established.
Install Download the SSL VPN client software from the FortiGate unit
and add the ActiveX/Java Platform plugin to the local web
browser.
Uninstall Uninstall the ActiveX/Java Platform plugin.
Connect Initiate a session and establish an SSL VPN tunnel with the
FortiGate unit.
Disconnect End the session and close the tunnel to the FortiGate unit.
Refresh Now Refresh the Fortinet SSL VPN Client page.
Note: On your web browser, ensure that the security settings associated with the Internet
zone permit you to download and run ActiveX/Java Platform controls. You must also have
administrator rights on your computer to install the ActiveX/Java Platform controls.