SSL VPN

Significant SSL VPN web portal improvements (287328, 292726, 299319)

Significant updates and improvements have been made to the SSL VPN web portal in preparation for future browser updates, and in order to support all browsers:

SSL VPN web portal redesigned.
SSL VPN tunnel mode widget no longer works in the web portal.The tunnel mode widget used a deprecated NPAPI plugin mechanism to send the tunnel client to the browser for local system execution—this is a popular exploitation vector. FortiClient is now required for tunnel mode SSL VPN.
SSL VPN Web mode RDP Native java applet removed.
Removed unnecessary options from RDP bookmark and changed to HTML5 RDP.
Cache cleaning function has been removed.

Implement post-authentication CSRF protection in SSL VPN web mode (287180)

This attribute can enable/disable verification of a referer in the HTTP request header in order to prevent a Cross- Site Request Forgery attack.

Syntax:

config vpn ssl settings

set check-referer [enable|disable]

end

Pages: 1 2 3

Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

Don't Forget To visit the YouTube Channel for the latest Fortinet Training Videos and Question / Answer sessions!
- FortinetGuru YouTube Channel
- FortiSwitch Training Videos

Cybersecurity Videos and Training Available Via: Office of The CISO Security Training Videos

June 15, 2016June 27, 2016 FortiOS 5.4 Handbook 3 Comments
best firewall fortinet, best firmware fortinet, best practice fortinet, execute top fortinet, fortigate best practices 52, fortigate diag sys top, fortigate diagnose system top, fortigate top sessions, fortigate top sources, fortigate top talkers, fortinet best place to work, fortinet client will not install, fortinet firewall best practices, fortinet firewall security best practices, fortinet ssl vpn can't connect, fortinet top applications unknown, fortinet top bar, fortinet top competitors, fortinet user must have a profile, fortinet wireless best practices, how do i bypass fortinet, how do i disable fortinet, how to do port forwarding in fortigate, top fortinet, when did fortinet go public, who will buy fortinet

In 5.4.1 is there any way to disable display of the “download forticlient” button? as there was in 5.2… They’ve removed the CLI option and there appears to be no GUI option either. As this is an end user interface, and users will be users, they get confused about the purpose of the button. Thanks!

Mike says:

September 1, 2016 at 12:26 PM

The documentation definitely states that they removed it. I have not been able to tie down a way to remove it in 5.4.1 unfortunately. Fortinet hasn’t had an answer for me either.

What version of the FortiOS did they drop the client cache cleaner?

SSL VPN

3 responses to “SSL VPN”

Leave a Reply Cancel reply

Share this:

3 responses to “SSL VPN”

Leave a Reply Cancel reply