FORTIGATE - how to test SSLVPN ?

Hi Experts,

I have setup new networks on my FORTIGATE and SSLVPN.
How can I test this VPN ?
Can I test it with an IPAD or ANDROID smartphone ?
Eprs_AdminSystem ArchitectAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Ronald PragueCommented:
I'm going to assume you've followed the cookbook for setting up SSL and have the appropriate policies in place.

The SSL VPN is pretty easy to test, get a laptop and head to starbucks, and bring an android/iphone.

I'll assume you've followed the instructions and have uploaded a cert for whatever FQDN you're using.  You can see what IP addresses are listening if you go to VPN->SSL->Settings and right under the "listen on port" box you'll see the listener.

Get external, and go to that address.  For example: https://vpn.testcompany.com (if you have a cert and external DNS) or https://1.1.1.1 if you just want to test via IP address.

This will prompt you to install a plugin, once that's done, relaunch your browser or find the Fortigate SSL VPN client installed on the box.  Enter the username/password you set up under the portal and hit connect.

The phones are easier, just download the FortiClient VPN from either app store (Note, certain older android and iOS versions simply will not work), enter the same address as above, your credentials and hit 'connect', that's all there is to it.  You can verify the tunnel is working via whatever firewall rules you have enabled for the tunnel IP range you assigned to that particular portal.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
btanExec ConsultantCommented:
though this short brief is not iOS or Android, it is similar since they will still use Forticlient apps. It is the short SSL VPN setup of the following
1. Creating a VPN portal with custom bookmarks (easier user access to internal resources)
2. Creating a user and user group (user auth identity within group via local/RADIUS/LDAP)
3. Configuring the VPN tunnel (interface and mapping user to portal access)
4. Creating security policies (allow internal access and internet access)
http://cookbook.fortinet.com/ssl-vpn-windows-phone-8-1/

Likewise for the notebook version and with RADIUS, can check out this and same step strategy but key is perform a RADIUS connectivity test from the Fortigate (e.g. by clicking Test Connectivity) and the client is the notebook version. Note it is using MS-CHAPv2 (userid/pass)
http://cookbook.fortinet.com/ssl-vpn-radius-authentication/
Eprs_AdminSystem ArchitectAuthor Commented:
the test from external was ok.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.