Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
parthpatel
Staff
Staff

Created on ‎04-12-2023 10:24 PM

Article Id 252222

Technical Tip: SSL VPN user authentication issue when firewall is in NGFW policy-based mode

Description

 

This article describes that if the SSL VPN settings are already configured on the FortiGate running NGFW policy-based mode and have the policy under security policy, it still sends the error message stating 'Permission Denied' as the screenshot below.

 

MicrosoftTeams-image (14).png

Scope

 

FortiGate.

 

Solution

 

- Check the ‘SSL Inspection and Authentication’ policy because if the policy is already configured under ‘Security Policy’ it will only be referred for UTM features.

- In order to allow the traffic to pass through, it is necesarry to configure the group under the ‘SSL inspection and Authentication’ as in the image below. This will ensure that VPN users are being authenticated properly while logging in.

 

KB2.PNG

-

Under this ‘SSL Inspection and Authentication,’ all the user groups need to be added.

Once the user group is added here, FortiGate will be able to authenticate the user without any issues.

488
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.