• Matt Sherif

SSL VPN Realms


Sometimes we put the cart before the horse. My previous post was about adding a virtual host / custom FQDN to a FortiGate SSL VPN Realm. What some may not know is the use case for SSL VPN realms.



SSL VPN realms are a means of providing a customized experience for a particular group of users. Maybe you’re OK with your consultants seeing the default FortiOS login page, but for your remote users you want a more integrated feel with your organizational brand.


For this example we’ll show the default realm, as well as create a new realm named HQ.


Assumptions:

  • This has been tested on FortiOS 6.0.x and 6.2.x

  • SSL VPN Realms have been enabled in System > feature visibility


With that out of the way, let’s get to it!


By default when you browse to the SSL VPN login portal it will look like this:


We’re going to add a custom realm to this FortiGate so our HQ users get a different login screen:

  • Login to the fortigate and go to VPN > SSL-VPN Realms

  • Click on ‘Create new’

  • As you can see here you can customize the login page, I am not a web designer, so I am just going to change a few things with the current layout.


  • Browse to VPN > SSL-VPN Settings and create an authentication / portal mapping to the new realm

Now when we browse to https://uv-gate.ultraviolet.network/uv-hq we get the ‘custom page’:


And thats it! Now you can customize your SSL VPN portals and hopefully do a better job than I did! I hope this was helpful, thank you for reading!

378 views

Recent Posts

See All