USE PORT 10443
- Download the SSL Vpn clients for Windows, OSX and Linux below. Use only these versions as they are tested to be stable
- THE USER MUST BE ADDED TO THE REMC1MemberVPNAccess groupDistrictVPN (ie. ADMVPN, CLKVPN, etc) group in the district's domain. This group is a member of REMC1MemberVPNAccess at the root of the forest adremc1.org which is located in the ManagedServicesGroups OU. It may take up to 30min for replication to occur before you can add the user.
- The TSL 1.1 and 1.2 security protocols must be enabled (usually is by default), otherwise the connection will fail at 40%. The setting for that in WIndows is under Internet options→Advanced. You can access Internet Options through either the Control Panel or through Internet Explorer.
- OUTSIDE VENDORS OR ENTITIES ONLY CONNECTING IN → must be given a LOCAL FORTIGATE USER and added to the REMC1-District-Ipsecvpn-SSLvpn group (Or a group that is made especially for the vendor for limited access)
- OUTSIDE VENDORS OR ENTITIES ONLY CONNECTING IN → If they only need DMZ access then only add them to the DMZvpn group on the fortigate. You can create other groups which will limit vendors to other areas. This is mentioned in the SSLvpn configuration wiki.
- ONLY FOR REMC1 Employees→ REMC1 EMPLOYEES ONLY MUST BE ADDED TO THE REMC1VpnUsers user group in the REMC1 domain