FortiGate
dbabic
Staff
Article Id 193352

Description
This article explains why multiple user groups cannot be configured for L2TP over IPsec VPN on a FortiGate to provide granular access in firewall policies.

Solution
Due to a limitation of L2TP on the FortiGate, the user group configured in "config vpn l2tp" is used only for VPN authentication. It is not possible to retrieve any other groups that could be used for granular access in firewall policies.

As a workaround, it is recommended to use IPsec VPN or SSL VPN with FortiClient.

 
