Workspot Configuration Guide for the Fortinet FortiGate Firewall

Similar documents
Workspot Configuration Guide for the Cisco Adaptive Security Appliance

Connecting an Android to a FortiGate with SSL VPN

How To Authenticate An Ssl Vpn With Libap On A Safeprocess On A Libp Server On A Fortigate On A Pc Or Ipad On A Ipad Or Ipa On A Macbook Or Ipod On A Network

Configuring Global Protect SSL VPN with a user-defined port

Accessing the Media General SSL VPN

External authentication with Fortinet Fortigate UTM appliances Authenticating Users Using SecurAccess Server by SecurEnvoy

How To Set Up A Vpn Tunnel Between Winxp And Zwall On A Pc 2 And Winxp On A Windows Xp 2 On A Microsoft Gbk2 (Windows) On A Macbook 2 (Windows 2) On An Ip

Configuring IPsec VPN with a FortiGate and a Cisco ASA

Remote Desktop Gateway. Accessing a Campus Managed Device (Windows Only) from home.

Configuring an IPsec VPN to provide ios devices with secure, remote access to the network

RSA SecurID Ready Implementation Guide

Fortinet Certified Network Security Administrator

NSi Mobile Installation Guide. Version 6.2

Hosted Microsoft Exchange Client Setup & Guide Book

Configuring the Watchguard Edge for RADIUS authentication

Hosted Microsoft Exchange Client Setup & Guide Book

ActivIdentity 4TRESS AAA Web Tokens and SSL VPN Fortinet Secure Access. Integration Handbook

Introduction to Mobile Access Gateway Installation

Global VPN Client Getting Started Guide

Configuring IPsec VPN between a FortiGate and Microsoft Azure

How to set up Outlook Anywhere on your home system

Astaro Security Gateway V8. Remote Access via SSL Configuring ASG and Client

How To Industrial Networking

Introduction to the EIS Guide

Agent Configuration Guide

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Sophos Certified Architect Course overview

Publish Cisco VXC Manager GUI as Microsoft RDS Remote App

Biznet GIO Cloud Connecting VM via Windows Remote Desktop

Immotec Systems, Inc. SQL Server 2005 Installation Document

EMR Link Server Interface Installation

INTEGRATION GUIDE. DIGIPASS Authentication for Cisco ASA 5505

MultiSite Manager. Setup Guide

SSL SSL VPN

Zenprise Device Manager 6.1.5

What is the Barracuda SSL VPN Server Agent?

qliqdirect Active Directory Guide

ZyWALL OTP Co works with Active Directory Not Only Enhances Password Security but Also Simplifies Account Management

Configuration Guide. BlackBerry Enterprise Service 12. Version 12.0

FortiGate Multi-Threat Security Systems I Administration, Content Inspection and SSL VPN Course #201

Configuration Guide for Active Directory Integration

Stonesoft Firewall/VPN 5.4 Windows Server 2008 R2

Setting Up Scan to SMB on TaskALFA series MFP s.

If you have questions or find errors in the guide, please, contact us under the following address:

Configuring the Cisco ISA500 for Active Directory/LDAP and RADIUS Authentication

Configuration Guide. SafeNet Authentication Service. SAS Agent for Microsoft Internet Information Services (IIS)

Chapter 6 Configuring the SSL VPN Tunnel Client and Port Forwarding

Preparing for GO!Enterprise MDM On-Demand Service

Phone: Fax: Box: 230

How To Configure SSL VPN in Cyberoam

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Fortinet Firewall. Overview

External Authentication with Cisco VPN 3000 Concentrator Authenticating Users Using SecurAccess Server by SecurEnvoy

External Authentication with Windows 2003 Server with Routing and Remote Access service Authenticating Users Using SecurAccess Server by SecurEnvoy

Basic Exchange Setup Guide

How to Logon with Domain Credentials to a Server in a Workgroup

University Computing & Telecommunications Virtual Private Networking: How To/Self- Help Guide Windows 8.1 Operating System.

Chapter 9 Monitoring System Performance

Step by step guide to implement SMS authentication to Cisco ASA Clientless SSL VPN and Cisco VPN

Virtual Data Centre. User Guide

DIGIPASS Authentication for Check Point Security Gateways

How To Integrate Watchguard Xtm With Secur Access With Watchguard And Safepower 2Factor Authentication On A Watchguard 2T (V2) On A 2Tv 2Tm (V1.2) With A 2F

Set Up Setup with Microsoft Outlook 2007 using POP3

ReadyNAS Remote White Paper. NETGEAR May 2010

Using a VPN with Niagara Systems. v0.3 6, July 2013

Client configuration and migration Guide Setting up Thunderbird 3.1

icrosoft TMG Replacement with NetScaler

Clientless SSL VPN Users

Preventing credit card numbers from escaping your network

Configuration Guide. How to set up the IPSec site-to-site Tunnel between the D-Link DSR Router and the Sonicwall Firewall.

External Authentication with Netscreen 25 Remote VPN Authenticating Users Using SecurAccess Server by SecurEnvoy

PC Monitor Enterprise Server. Setup Guide

Dell SonicWALL and SecurEnvoy Integration Guide. Authenticating Users Using SecurAccess Server by SecurEnvoy

Deploying NetScaler Gateway in ICA Proxy Mode

DIGIPASS Authentication for Cisco ASA 5500 Series

Configuration Guide. BES12 Cloud

TechNote. Contents. Introduction. System Requirements. SRA Two-factor Authentication with Quest Defender. Secure Remote Access.

REQUIREMENTS AND INSTALLATION OF THE NEFSIS DEDICATED SERVER

External Authentication with Windows 2012 R2 Server with Remote Desktop Web Gateway Authenticating Users Using SecurAccess Server by SecurEnvoy

Remote Access VPN SSL VPN Access via Internet Explorer

Configuring Routers and Their Settings

Defender Token Deployment System Quick Start Guide

Configuration Guide BES12. Version 12.1

PaperClip. em4 Cloud Client. Manual Setup Guide

Configuring User Identification via Active Directory

Global VPN Client Getting Started Guide

Access Your Cisco Smart Storage Remotely Via WebDAV

Configuration Guide BES12. Version 12.2

Sophos UTM. Remote Access via PPTP. Configuring UTM and Client

Using SonicWALL NetExtender to Access FTP Servers

Stealth OpenVPN and SSH Tunneling Over HTTPS

NAS 221 Remote Access Using Cloud Connect TM

Configuring Thunderbird with UEA Exchange 2007:

How to configure your Desktop Computer and Mobile Devices post migrating to Microsoft Office 365

Remote Application Server Version 14. Last updated:

Accessing TP SSL VPN

Quick Start Guide Sendio Hosted

Campus VPN. Version 1.0 September 22, 2008

Note that if at any time during the setup process you are asked to login, click either Cancel or Work Offline depending upon the prompt.

VPN Tracker for Mac OS X

The Secure Web Access Solution Includes:

Transcription:

Workspot Configuration Guide for the Fortinet FortiGate Firewall Workspot, Inc. 4/8/2016

Fortinet FortiGate and Workspot Overview The Fortinet FortiGate provides comprehensive threat protection with firewall, VPN (IPsec and SSL), intrusion prevention, antivirus/antispyware, antispam, and web filtering technologies. The platform also provides application control, data loss prevention, dynamic routing for IPv4 and IPv6, endpoint NAC, and SSL-encrypted traffic inspection. Once the FortiGate is installed on-premise or in the cloud, Workspot can be quickly implemented as no additional hardware or software is required. The Workspot Client securely connects to internal applications and services using the FortiGate SSL-VPN feature. For more information on the Fortinet FortiGate, go to: http://www.fortinet.com/products/fortigate/index.html The Workspot Client runs on Windows PCs, Macs, and mobile devices; Workspot Control, a corresponding cloud-based administration console, is used to manage configuration and policies for the environment. For more information on Workspot, go to: http://www.workspot.com Products and Versions Tested The information and screens in this guide are based on the following: FortiGate VM64, firmware Version v5.4.0,build1011 (GA) Workspot Control (Release 4/7/16) Prerequisites and Configuration Notes The following are general prerequisites for this guide: FortiGate firewall version 5.0 or later. FortiGate administrator access. Configured for both inside network and Internet connectivity. An authentication server such as Microsoft Active Directory (AD) using LDAP or RADIUS. DNS FDQN names or IP addresses for internal web apps, CIFS file shares, Remote Desktop Services (RDS) servers and RemoteApps. Configuring the FortiGate involves the following configuration steps: 1. SSL-VPN User Group 2. SSL-VPN configuration Version 1.1 pg. 1 of 12

3. SSL-VPN policy 4. SSL-VPN portal (optional) 5. Configuring the FortiGate in Workspot Control If an existing FortiGate SSL-VPN configuration is already configured to support web-access and AD authentication, then go to Testing the Configuration. If the testing fails, verify the settings shown below and clone the current setups and update specific settings where needed. Version 1.1 pg. 2 of 12

FortiGate Configuration for Workspot These steps outline the basic configuration of a FortiGate firewall to support Workspot. Sign into the administrator console. 1. Configure a User Group for the Workspot users. Go to User & Device > User Groups and click +Create New a. Enter a name for the User Group: Workspot SSL VPN Users. b. Under Remote groups, select + Create New. 1a. 1a 1b Version 1.1 pg. 3 of 12

c. Select the AD authentication server from the list of Remote Servers. Then click OK and then OK again to save. 1c Version 1.1 pg. 4 of 12

2. Configure the SSL-VPN. If the SSL-VPN is already configured, verify the following settings. Go to VPN > SSL-VPN Settings a. Set the Listen on Interface(s) to the interface connected to the external network b. Set the Listen on Port to the HTTPS port. If port 443 used for the SSL VPN is on the same interface as the administrator interface, then the administrator HTTPS port under System > Settings must be set another port, e.g. 10443. c. Select the SSL Server Certificate obtained from a Certificate Authority and imported into this FortiGate. Otherwise, the Workspot users will be prompted to accept the self-signed certificate when connecting to the SSL VPN. d. Under Authentication/Portal Mapping, select +Create New. 2g 2a 2b 2c 2d 2f Version 1.1 pg. 5 of 12

e. Select Workspot SSL VPN Users and web-access, then click OK. 2e f. Click Apply to save the configuration. g. From the top of the page, click the No SSL-VPN policies exist. Click here to create a new SSL-VPN policy using these settings and go to step 3a. Version 1.1 pg. 6 of 12

3. Configure the SSL-VPN Policy. Go to Policy & Objects > IPv4 Policy and click +Create New. a. Enter the policy name: Workspot SSL VPN Policy b. Select the Outgoing Interface which is connected to the external network. c. Select the Source Address: All and the User: Workspot SSL VPN Users d. Select the Destination Address: All e. Select the Service: ALL then click OK to save. 3a 3b Note: The Incoming Interface must be set to SSL-VPN tunnel interface. 3c 3d 3e Version 1.1 pg. 7 of 12

4. Configure the SSL-VPN Portal. Go to VPN > SSL-VPN Portals and select web-access and click Edit. a. Verify that Tunnel Mode is OFF and Enable Web Mode is ON. b. Verify that the Show Connection Launcher is ON. This setting is not required for Workspot but will allow a standard browser to test the FortiGate configuration; other settings are also optional. c. If modified, click OK to save the configuration. 4a 4b 4c Version 1.1 pg. 8 of 12

Testing the Configuration To test the configuration, use any standard browser and go to the URL associated with the FortiGate, e.g. https://fortigate.mycompany.com/. Enter your AD Username and Password then click Login. On the portal screen click Quick Connection. Then enter an internal website URL and click launch. intranet.mycompany.com Version 1.1 pg. 9 of 12

The internal web page should be opened in a new tab. https://fortinet.mycompany.com/proxy/http/intranet.mycompany.com Version 1.1 pg. 10 of 12

Configuring the FortiGate VPN in Workspot Control To configure the VPN for Workspot users, sign into Workspot Control, then go to Setup > VPN > Add New VPN, then enter a name, the external URL for the FortiGate VPN, and Fortinet as the SSL VPN Type. Select the group(s) which will use the FortiGate and then click Save. Version 1.1 pg. 11 of 12

Troubleshooting <To be updated by Support team> Version 1.1 pg. 12 of 12

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information