Technical Tip: SSL VPN bookmarks for SMB protocol

Description

This article describes how to configure the SSL VPN bookmark for SMB protocol.

Solution

1. Configure the SSL VPN settings.
2. Go to the SSL VPN portals configured accordingly in SSL VPN portals.
3. With a Windows PC with SMB protocol enabled in this example, the folder shared is listed as below.
   
   

4. Select 'Create New' under predefined bookmarks and configure the folder accordingly.
    
   From GUI.
    
   

    

   From CLI.
   
   config vpn ssl web portal
       edit "split-tunnel"
           set tunnel-mode enable
           set web-mode enable
           set ip-pools "SSLVPN_TUNNEL_ADDR1"
               config bookmark-group
                   edit "gui-bookmarks"
                       config bookmarks
                           edit "SMB Test"
                               set apptype smb
                               set folder "192.168.55.123/test"
                               set sso auto
                           next
                       end
                   next
               end
       next
   end
   
   
5. Once logged, access to the specific folder is granted. 
    
   
   

Note.
The credentials depend on the Windows configuration.

To connect to the windows, the FortiGate will use SAMBA (port 139) and not SMB (port 445), so a policy needs that service also. 

FortiCare Ticket