Page 1 of 1

Fortigate SSL-VPN connection

Posted: Tue Jun 25, 2013 11:34 am
by gimmepatiencequickly
Hi,

I need to connect to a remote network where a fortigate device is installed.
I would like to use my mikrotik router to connect to the fortigate device using an ssl-vpn connection.
I am not the administrator of the fortigate device, so I will need to get the assistance of the administrator on the remote side to assist

What would I use with the mikrotik router?
What settings would I need to get from the fortigate device to correspond to the mikrotik settings
I tried using SSTP, but I get an error... "terminating... - broken http connection"
0 X  name="SSTP Connection" max-mtu=1500 max-mru=1500 mrru=disabled connect-to=x.x.x.x:10443
      http-proxy=0.0.0.0:443 certificate=none verify-server-certificate=no 
      verify-server-address-from-certificate=yes user="y" password="z" profile=default-encryption 
      keepalive-timeout=60 add-default-route=no dial-on-demand=no authentication=pap,chap,mschap1,mschap2 
Any assistance will be much appreciated

Thanks

Re: Fortigate SSL-VPN connection

Posted: Wed Jun 26, 2013 7:05 pm
by Boardsurfer
I'm not sure if that's possible. As far as I know, the SSL VPN service on FortiGate devices is pretty much SSTP, but it's a proprietary version that is only compatible with FortiNet's official client software and browser plugin. At least I've never seen support for third-party clients mentioned anywhere in the documentation for FortiGate firewalls. My experience with FortiNet products is not that extensive, though, so I might be wrong.

We use a FortiGate firewall with SSL VPN at work, so I can do a little bit of testing and will let you know if I figure out a way to make it work.

Re: Fortigate SSL-VPN connection

Posted: Mon Jul 22, 2013 9:28 pm
by Boardsurfer
Any updates on this? I haven't made any progress on the SSL VPN bit, but I can confirm that IPSec between a FortiGate and a RouterBoard works just fine. I have successfully set up a gateway-to-gateway IPSec VPN connection between our FortiGate at work and my RouterBoard at home. Let me know if you'd like to try that option, and I'll provide detailed instructions on setting it up.

Re: Fortigate SSL-VPN connection

Posted: Thu Sep 26, 2013 8:16 am
by viviirawati
may i have the configuration please.

Re: Fortigate SSL-VPN connection

Posted: Thu Sep 26, 2013 3:35 pm
by viviirawati
Any updates on this? I haven't made any progress on the SSL VPN bit, but I can confirm that IPSec between a FortiGate and a RouterBoard works just fine. I have successfully set up a gateway-to-gateway IPSec VPN connection between our FortiGate at work and my RouterBoard at home. Let me know if you'd like to try that option, and I'll provide detailed instructions on setting it up.
may i know the detail instruction for configuration of gateway-to-gateway IPSec VPN between fortigate and RB, thanks in advanced

Re: Fortigate SSL-VPN connection

Posted: Mon Oct 14, 2013 3:38 pm
by gimmepatiencequickly
Thanks for the info Boardsurfer.

Unfortunately I do not have administrative access to the fortinet server. I have spoken to our client to assist with the setup of the VPN connection.

I would appreciate if you would provide instructions on how to set this up


I was thinking of something like this, but I need the fortinet configuration...
http://wiki.mikrotik.com/wiki/MikroTik_ ... wall_IPSEC

Thank you

Re: Fortigate SSL-VPN connection

Posted: Thu Aug 04, 2016 10:20 am
by letabawireless
Hi

Having the same scenario here - any updates ?

Re: Fortigate SSL-VPN connection

Posted: Fri Jul 21, 2017 3:05 am
by carlosfrosario
Same issue here, anybody has a solution?

Re: Fortigate SSL-VPN connection

Posted: Thu May 24, 2018 6:53 pm
by Troz
BUMP

ALSO need this info please any updates ?

Re: Fortigate SSL-VPN connection

Posted: Thu May 24, 2018 7:03 pm
by anav
Sounds like the need for a WIKI for an IPSEC connection between a mikrotik and a fortinet device.

Extrapolate away......................
https://www.draytek.com/.upload/pdffile ... d65847.pdf
https://blog.webernetz.net/ipsec-site-t ... co-router/
https://cloud.google.com/files/CloudVPN ... te300C.pdf

From the NET
QUOTE: " I have set up Fortigate VPNs with Cisco, Watchguard and Sonicwalls in the past without issue. As long as all the settings for Phase 1 and Phase 2 match it should work regardless of vendor." UNQUOTE

Re: Fortigate SSL-VPN connection

Posted: Fri May 25, 2018 12:51 pm
by evince
VPN IPSec between Fortigate and Mikrotik is quite easy. The only need is to match both phase1 and phase2. In fortigate side, you can choose interface mode instead of policy based vpn if you prefer