Created on 08-21-2019 01:36 AM Edited on 02-17-2022 12:55 PM By Anonymous
Description
This article describes why it is not possible to configure multiple user groups for L2TP over IPsec VPN on a FortiGate in order to apply granular access in firewall policies.
Solution
Due to a limitation of L2TP on the FortiGate, the group configured in "config vpn l2tp" is used only for VPN authentication, and it is not possible to retrieve any other groups that would be usable for granular access in policies.
As a workaround, it is recommended to use IPsec VPN or SSL VPN with FortiClient.