FortiGate SSL VPN Configuration (FortiOS 6.4.0 Basic)

Great tutorial, really appreciate this step by step setup. Great detail and very thorough! Thanks!

corrupted mac packet detected
hello dear
I present this error configuring vpn ipses
any idea why this happens

This was an excellent tutorial! I can't believe I was able to get this to work just by viewing one RUclips video. Thanks for educating me on this. My boss is extremely happy as am I. Great job!

So far one of the best tutorials Ive seen and Im only half way through. Great work and appreciate!

Hi @fortinet guru, thanks for the brilliant explication, i have a question in my job we connect through forticlient app which point to a fqdn name instead to ip address,so how does is it configured that on the fortigate firewall?
Thanks in advance.

love this fucking channel man keep up the good videos

Hay Mate, I am working on 2FA with SSL VPN on Fortigate, I have done this with email and tokens, do you know is there a way to achieve third party 2FA with Fortigate device like Microsoft Authentication etc.

your videos are really good - i'm searching for NSE 4 6.2 training content!

How about a start to finish SSL Cert for the Fortigate so I don't have to see the warning in Chrome every time I access the firewall. From generating CSR, Filing out the SSL request, CN, Domain etc., then what to import back in. I'm hung up on the issue that I don't understand the CSR asks for domain name, its not a domain its a router. I access it by xx.xx.xx.xx not myrouter.com.

Thanks so much. One change I had to make to make remote access work from a remote location was turn on NAT. Coming from a netgear router, Fortinet is significantly more complex. Thanks for these directions. Would be very difficult to do without a video like this.

Nice video during the current lockdown situation. Honestly, i never really believe into SSL VPN as IPSec dialup vpns were always quicker and more secure overall for me. But thats me. I am sure this video will be super useful for loads, keep it up mike! 👍

Hello, I was waiting for your review on the DNS split tunneling option and then you passed it at 17:46, was it intentional? xD I know this feature had bug-related topics

great video only got 1 problem when I checked for firewall policy there was none!!! HELP!!!

This best and compressive video to learn SSL-VPN setup

hi nice videos ,,, can i ask can you setup a ssl site to site vpn I dont want to use ipsec ... does the fg40 support this type of vpn, thanks

Just curious for smb’s who dont have static IP’s, can this be achieved with dynamic addresses? I had a 300a that I used dyndns to see cameras remotely, but never setup vpn. On the new 300D, those options aren’t available in the web gui anymore, only a fortinet dns.

Thanks Man, I was able to connect but i do not see any of my internal network devices and drives, am I missing something?

I love your videos, but the more advanced stuff always promised to come in a future video doesn't ever seem to happen. Seems like you just rehash the video from previous FortiOS. I'm sure there's others who would patreon a good amount for the videos on advanced configs

very good, thanks. I just got my 30E and will be learning with your videos.

Hello, new to the channel. Thanks for your videos. I'm fairly new to ForiGates and wish I found your channel a few months ago :)
for a more in-depth video, you should restrict to Geographic region (only allow SSL connections from US)
Is there an easy way to use an AD security group for managing authentication? I did this on WatchGuard firewalls and put a checkbox on a new user setup sheet "does new use get VPN access" if yes, all I did was add them to the SSL-VPN security group in AD for permission.
Also, would love to see options for using 2FA with LDAP. (Something I'll be considering for some clients of mine.)

clips. I use a drum loop and afterwards I want to record a appguitar. What happens.. the drumloop starts to record again along the

you da man!

Buen día, realice la configuración y me da acceso solo con datos, con wifi me marca error de DNS, a que se debe este errror?

very nice. Video on always on vpn (rather than auto-connect)? LT2P?

Thank you very much. you coverd all the basics end to end. --- Very helpfull

Thanks, very useful

Hi I really enjoyed watching your videos keep it up (Y)
In the near future we love to have a video that explains the different subscription options for fortigate and how to know if it is the right subscription for us . Or do we need those types of subscriptions in our environment.
If you have time and available.
thank you
More power Fortiguru

can you upload latest firewall 600e with New version 7.0

Good video thanks - Question do you have any SSL computer certificate authentication videos or guidance

SIR CAN WE CREATE A VIDEO IN VPN USER NOT WORKING IN 10 MINUTES AFTER VPN AUTO DISCONNECT POLICY CREATED NOTIFICATION ON MY PC

The ISP speed is cut drastically with SSL VPN..any idea why? I get about 400mbps at home without VPN but with SSL VPN..I get around 50mbps..

when you use your real PC connect to lab, is it will be loop?

HiMate
LOVE YOUR VIDEOS.
do you have a video on site to site vpn with overlapping subnet between sites?

Hello, Just subscribed.
Can you make a video describing different use cases when to setup SSL-VPN and IPSec VPN.

There is no "Firewall" under "Policy & Objects". Did it get moved? Currently running FortiOS 6.0.4(GA)

When I use GMS it's just a loud distortion soft what's up with that?

once I have configured the VPN, I cannot login into Fortigate web interface using my admin login! I can only login into the VPN using the VPN user? it gives me access denied.

Excelent video !! Its posible create a policy VPN OUT ? I need access a share printer in a forticlient client PC , but I cant access this machine form my office

Hello, Thanks for your videos I want to know if this setup will work if my VPN Firewall/Router WAN connection is using 4G (SIM Card) keeping in mind that ISP provides only privet addresses (no real IP address) for devices connecting over 4G

bro how can you set it up so users can log in with their azure credentials

Hello, do you have paid developer services? Are you a company

Thanks a lot.... very helpful video

I was using 80C, 90D. Was told that support for firmware will cease this yr for 80c. maybe next year 90D. which model will you recommend for replacement if these are going to be out of support? Thank you!

Hi I tried this after watching your video.. SSL VPN portal works without any problem.. but forticlient not establishing tunnel connection with remote gateway.. is there anything I need to check specifically??. Fyi, portal is set to full access...

how do you filter what each user can access through the vpn?

Hello, we are new to the Fortigate appliance world and we are now running a 100F at each of our facilities. We have an IPsec tunnel that works fine, and we have SSLVPN set up for both branches, but we cannot get an SSLVPN user to go through the IPsec to access remote branch resources. Do you have a video talking about this configuration?

hi am facing a problem when there is a power issue, my ipsec vpn tunnel goes inactive, & it takes more than 45 minutes to come up, can u please tell me y am facing this problem, can u troubleshoot this issue

I have ab issue that requ me to upgrade the fortieth client to 7.05 but it does not allow the connect vpn first option so what would you recommend

I need to deploy the Forti VPN client to a few hundred laptops via GPO. Previously (v6) i used a Forticonfigurator to create an MST with custom settings i.e. remote gateway address, custom port, etc. The Forticonfigurator only supports up to version 6. Any ideas on how best to customize the installer for newer version?

TNice tutorials is so fun editing in it I just saw half of your tutorial and couldn't stop PLAYING WITH ITT dont worry I ca bac k after it

Hi...network speed automatically slow down when i login to SSL VPN. Before login in to VPN speed is good. please suggest what to do

I know this is a random question but is there a standalone VPN installer?? I just tried to install the free version and it is so slow to download the image!!

VPN connects but then how do you remote access the computer at a different site? Tried RDP but kept failing??? I'm so confused on the final step that no one is ever explaining..

my fortigate firewall model is fortinet 100

Really looking to get the SAML auth working on SSL VPN. Even Fortinet support doesn't really know it yet. Has anyone been able to get SAML working with Google or Azure?

bro your tutorial made me feel sleepy, i have a lot of confusion sorry, I hardly understood.

Hi Sir,
Thank you for the video. Could we have multiple DNS Servers for the VPN Users. I see only one option to select one Primary DNS and Secondary DNS in SSL VPN Settings. Is there any other option having VPN users of different portals to have multiple DNS Settings.

how to create VPN for all Network Access ( IT Team ) & How to access specified Network Allow to any user ( Common User )

Hello.
The idle timeout for the SSL VPN usually fails. Changing the 300s time also has no effect.
How can this be dealt with?

Does fortigate still offer a pure SSL VPN only client or do you have to use the forticlient with the AV and malware stuff built in? Or if that's the question, would it be better to just use the web portal to connect?

Hi fortinet guru, for a v5.6.1 fortigate host check standalone, does it only check AV and firewall, or other things?

Hello dude, i have one question...i need to connect 300 users via vpn to access my web app, but i have only small Fortinet 60F. Is it possible to use 60F for that number of VPN users (SSL VPN). They will not be concurrent connected to my system, only as needed. Thanks in advance for answer and i have to tell you that your channel is my favorite one.

Hey great guide, i managed to connect the vpn client on my wifi lan however, when i try to connect to the vpn from a mobile hotspot, it does not connect

Very helpful ... actually I in need to configure FG200E to enable specific number of remote users to access a server ?

Great stuff. Can you make a video on SSL Offloading in Fortigate Firewalls. Thanks in advance.

Thank you for all your efforts.

Hi, Thanks for this video, i tried to follow it however facing that unable to establish vpn connection. appreciate any advice on the error i facing

is there an option to increase session time on forticlient ? Because, allways up options is not free. Not seems good to have a VPN that have a session time. For the real life scenarios, that make a lot of problems.

its a great tutorial - by any chance do u have a tutorial to remote access thru specific protocol web portal ? appreciate

Hey Fortinet Guru, how do we restrict SSL VPN connections to only company machines?

hello great videos i really like them!
do you know which version is the most stable right now for example 61F?
we are thinking about going for 6.4.6 but i can't find relevant information on the internet for firmware recommendations...

thanks you for sharing

It's me or everyone notices his hair?

How long does it take to learn soft?

I have problem with error -12 when connect reach 80% . How to fix

Nice video, i appreciate your efforts. Kindly increase volume in the next videos.

When I check "Enable split tunneling" it asks for a "routing address" May I know which address is necessary to insert?

WONDERFULL LOT OF LOVE FORM INDIA

Hello , thanks for this info . Can you assist with setting up site to site VPN . Thanks

Great

Please put a video on Differences between SSL VPN AND IPsec VPN

Permission denied forticlient warning error solved this problem vpn not connected

Hi, Thanks for the Video, for remote gateway we need a Public IP Address right ? or in order to connect FortiGate VPN we need a Public IP address ?

Hi @Fortinet Guru, thanks for the video. I tried out the split tunneling, I could connect, but could not pass traffic through to my LAN and I have a policy for my LAN. Kindly help

Don't you need deep packet inspection for av and app control on encrypted connections?

Hi,
Think you for this video. Just one question, can we have a forticlient preconfigured, so our client doesn't have to enter remote Gateway etc. Install forticlient and then login password.
Regards,

Awesome job! thanks Can you show how to point to a Hostname if using dual circuits

I need clarification. At 15:35 you add 2 subnets. Are these the active local subnets within your domain that the vpn will connect to?
Thanks. Great video!

Thank you very much!! regards from VietNam!

i did the same but idid not get my office ip , so i cant access software

Thank you sir! Very helpful tutorial.

Hi Sir. Thank you so much for this. You helped me saved my job

Hey Mike! Cool videos, been learning a lot. Can you make a video how to setup VPN Clients to authenticate via their G-Suite SAML and as well as 2-step verification e-mail as an OTP receiver.

Thank you for this video. Does it make sense that my users are have to connect after 8 hours of use? Do I need some sort of license to avoid that? Thank you.

Very very very helpful thank you so much!!!

Informative

Do the trial VM's have limitation on Forticlient VPN because it works on web but doesn't work when connecting with the client. Debug shows session disconnects while negotiating SSLv3/Tlsv ?

thanks a lot verry helpfull, appriciate

Hey friend, how i can increase the number of max conection in fortigate?

Very helpful! Thank you for this intuitive walkthrough!!