Cookbook : https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/364638/adding-security-policies
Step1:
VPN > SSL-VPN Portals > Edit full-access > disable “Split Tunneling”
Step 2:
VPN > SSL-VPN Settings >
– Listen on Interface(s) select WAN interface
– Listen on Port: by default is 443, you can change it
– After select WAN interface and Port, will show you how to access SSLVPN
– continue on step3.
Step 3:
continue step2, Authentication click “Create New”, new an SSLVPN Group with users for login.
Step 4: Setup Firewall Policy
Policy & Objects > Firewall Policy
– Incoming Interface is SSL-VPN tunnel interface
– Outgoing Interface is LAN
– Source add SSLVPN Group << This is User Group
– Destination select LAN Subnet
Step 5: Download SSLVPN client
Outbound User can access SSLVPN Portal that can verify the username password and download SSLVPN client on this page.
e.g. : https://21x.x.xxx.xxx:10443
Step 6:
After login, you can download FortiClient here and install it
Step 7:
Open FortiClient just enter the name and remote gateway address:
e.g. : 210.x.xxx.xxx:10443