Thursday, November 24, 2016

Fortinet continuous VPN from client

Fortinet - Setup continuous VPN 


Hi, If you want to setup the VPN  to be connected for a long time then you can do this in two ways

  •  Set keepalive on tunnel mode.
  •  set keepalive only for particular user
  •  set keepalive only for set of user
First decide, to whom you want to permit Continuous 
Remote access VPN as it is can bring security issue

Set keepalive on tunnel mode:

To permit Continous VPN to all users, then configure 
it on global Ipsec mode, for this 

config vpn ipsec phase2-interface //name of phase
     edit "IOS-IPSEC"  // name of vpn 
        set keepalive enable
end

set keepalive only for particular user :

To permit only for a particular group of users then first add users to the desired group, then
config vpn ssl web portal
     config user group
        edit "continous vpn group"
        set keepalive enable
end

set keepalive only for set of user:
To permit only for a particular user, then

config vpn ssl web portal
     config user local
        edit " user"
        set kepalive enable
end

Hope it solves your issue, if not , do comment and lets solve it together.

Thanks



1 comment: