The user group is associated with the web portal that the user sees after logging in. You may already have users defined for other authentication-based security policies. The first step for an SSL VPN tunnel is to add the users and user groups that will access the tunnel. This section contains the following information:Īdditional configuration options User accounts and groups (Routing in tunnel mode on page 30) l Setup logging of SSL VPN activities. (Configuring security policies on page 1) l For tunnel-mode operation, add routing to ensure that client tunnel-mode packets reach the SSL VPN interface. (Configuring SSL VPN web portals on page 22) l Configure the security policies. (User accounts and groups on page 17) l Create a web portal to define user access to network resources. L Create user accounts and user groups for the remote clients. This chapter outlines these key steps as well as additional configurations for tighter security and monitoring. The first three in the points below are mandatory, while the others are optional. There are three or four key steps to configuring an SSL VPN tunnel.
![fortinet vpn configuration fortinet vpn configuration](https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/resources/598118ae-ea1f-11e9-8977-00505692583a/images/04b98c2a8db938a2af197b5e6ba21959_3a-wizard-1.png)
For real-world examples, see Setup examples on page 54.
![fortinet vpn configuration fortinet vpn configuration](https://help.zscaler.com/downloads/zia/traffic-forwarding/ipsec/ipsec-vpn-configuration-guide-fortigate-60d-firewall/fortigate_300E_ikev2_vpn_setup_phase1-proposal.png)
The configurations and steps are high level, to show you the procedures needed, and where to locate the options in FortiOS. This chapter describes the components required, and how and where to configure them to set up the FortiGate unit as an SSL VPN server. Configuring SSL VPN involves a number of configurations within FortiOS that you need to complete to make it all come together.