Created on 10-03-2023 10:19 PM Edited on 11-24-2023 07:21 AM By Stephen_G
Description | This article describes how to restrict or allow SSL VPN access from users in specific countries using the FortiGate SSL VPN settings. GUI and CLI methods are shown. |
Scope | FortiGate. |
Solution |
Note: For the purposes of this article, assuming that all other SSL VPN settings have been configured, access will restricted or allowed to the SSL VPN from users in Canada and the United States only.
GUI configuration:
Category: Address
Note: It is possible to change the 'Color' and 'Interface' fields to leave at defaults.
config firewall address
config vpn ssl settings Note:
If there are SSL VPN authentication rules that have the source-address defined as 'all', the globally configured source-address will not work. Make sure to remove source-address from the authentication rules, or configure appropriate source-addresses from allowed countries for each authentication rule.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.