{"id":1953,"date":"2016-04-07T01:47:44","date_gmt":"2016-04-07T01:47:44","guid":{"rendered":"http:\/\/pariswells.com\/blog\/?p=1953"},"modified":"2016-04-07T01:47:44","modified_gmt":"2016-04-07T01:47:44","slug":"fortigate-ssl-vpn-users-need-to-route-to-different-subnet-via-tunnel-interface-ipsec-vpn","status":"publish","type":"post","link":"https:\/\/pariswells.com\/blog\/random\/fortigate-ssl-vpn-users-need-to-route-to-different-subnet-via-tunnel-interface-ipsec-vpn","title":{"rendered":"Fortigate ssl-vpn users need to route to different subnet via tunnel interface IPSEC VPN"},"content":{"rendered":"<p>Users who SSL-VPN into the office need to route to a different subnet which is connected via an IPSEC VPN<\/p><p>You should already have Address Setup for your SSL VPN Users and Address for Remote Site<\/p><p>Add the below polices<\/p><p>Policy :<\/p><p>Incoming Interface &lt;VPN interface to Remote Site&gt;<br \/>Source Address VPN all<br \/>Outgoing Interface ssl.root<br \/>Destination Address SSLVPN_TUNNEL_ADDR1<br \/>Schedule Always<br \/>Service all<br \/>Action Accept<\/p><p>Policy :<\/p><p>Incoming Interface ssl.root<br \/>Source Address VPN SSLVPN_TUNNEL_ADDR1<br \/>Outgoing Interface &lt;VPN interface to Remote Site&gt;<br \/>Destination Address all<br \/>Schedule Always<br \/>Service all<br \/>Action Accept<br \/>Enable NAT<br \/>Use Dynamic IP Pool and Create a pool (&lt;IP of Fortigate&gt;-&lt;IP of Fortigate&gt;).<\/p>","protected":false},"excerpt":{"rendered":"<p>Users who SSL-VPN into the office need to route to a different subnet which is connected via an IPSEC VPNYou should already have Address Setup for your [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[4],"tags":[1411,1412,1251,1250,1406,1409,1410,1408,1407],"class_list":["post-1953","post","type-post","status-publish","format-standard","hentry","category-random","tag-1411","tag-60c","tag-fortigate","tag-fortinet","tag-ipsec-vpn","tag-nat","tag-policy","tag-routing","tag-ssl-vpn"],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/1953","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/comments?post=1953"}],"version-history":[{"count":1,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/1953\/revisions"}],"predecessor-version":[{"id":1954,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/posts\/1953\/revisions\/1954"}],"wp:attachment":[{"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/media?parent=1953"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/categories?post=1953"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/pariswells.com\/blog\/wp-json\/wp\/v2\/tags?post=1953"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}