{Solved} Fortinet firewall 5.2.5 and higher SSL portal accessing issue

-



Recently i have came across the issue that even after making the correct configuration SSL Portal was note opening in Fortigate frimware version 5.2.5 and above.

 Solution:
So in your policies you might have written 
Source interface: ssl.root
source address: all

 Destination interface: internal
Destination address: all

 service: all
action: accept

 Here, you should not give source address to all.
Your ssl root --> lan policy should look like this

 Source interface: ssl.root
source address: <SSL-VPN-SUBNET>
source users: <source users group>     >>>>>> The SSL Users group you have created.

 Destination interface: internal
Destination address: all

 service: all
action: accept
If your configuration is correct apart from this, then you should now be able to see the portal.

Comments

Post a Comment

Popular posts from this blog

Converting cisco 1852 AP to controller (Mobility express)

-
           CONVERTING 1852 AP TO MOBILITY EXPRESS Get your work done easily, watch the video for this process:   CLICK HERE FOR VIDEO Pre requisites: 1.1852 AP 2.Mobilty express image 3.Mobility express update image 4.TFTP server 5.DHCP server Procedure: Step-1: Connect the 1852 AP in network which have DHCP server. Your PC should be in same network and reachability should be there. (between PC and AP) Step-2: Install the ME image  Open the tftp server and start it. Keep the Mobility express image (30MB) in TFTP-Root directory. go to AP console and issue the below commands: logging console disable      //optional prevents from bothering up with console logging messages debug capwap console cli ap-type mobility-express tftp://x.x.x.x/<image>.tar With the above commands, We have downloaded the ME image into the AP. It Will automatically reboots waits until it does!  Wait 10 - 15 M...
Read more

Cisco Access Point Cap to Sap / Sap to Cap conversion

-
Image
CONVERTING CISCO CAP TO SAP / SAP TO CAP (lwap - Ap / Ap - Lwap): You can watch the video too...!!! Conversion of the AP's using downgrade or upgrade takes a lot of time and most of the times the IOS loaded will lead to an error, So Instead of that process i am going to use ROMMON recovery, It's a simple procedure for IOS changing. It will help a Network engineer's work a lot easier. ROMMON recovery is a process of Deleting the existing flash, and re-inserting our desired IOS. Follow the below  procedure. Mandatory Pre requirements: A PC with TFTP server installed. (Turn off Antivirus, Firewall in PC) Cisco AP which is to be converted. Console cable  Procedure: 1) Login to the CLI go to "privilege mode" . (Enable mode) 2) Execute the below command:      show flash: Output for the above command will be like this In the above output following are the firmware images: ap3g2-k9w8-tar.153-3.JBB5.tar ap3g2-k9w8-mx.152-2.JB2  We need to de...
Read more

HP Switch Comware firmware Upgradation

-
Image
      UPGRADING FIRMWARE IN HP SWITCHES In Switch: <system>system-view [system]ftp server enable local-user admin password simple admin authentication-attribute user-role network-admin service-type ftp quit vlan 2 port gigabitethernet 1/0/1 quit interface vlan-interface 2 ip address 192.168.1.1 255.255.255.0 quit save in PC Turn off windows firewall Turn off Any antivirus Turn off windows defender //connect a cable one end to switch 1/0/1 port and other end to your PC. configure static ip address in your PC. IP:192.168.1.10 Mask: 255.255.255.0 Test the connectivity by pinging 192.168.1.1 Open command prompt with administrator rights Type: ftp 192.168.1.1 username: admin password: admin ftp> binary ftp> put filename.ipe wait for 3 min. file will be uploaded to switch. after uploading completed type in the following commands. <system>boot-loader file flash:filename.ipe all main pres...
Read more