SSL-VPN on custom Interface

This explains how to setup the SSL-VPN on a FortiGate (E-Series) on a Custom Interface for better Controls.

This is done because per default, SSL-VPN Listens on the WAN Interface directly, therefor can not be controlled by any Policy.

Create Loopback Interface

image.png

image.png

image.png

Bind SSL-VPN to new Loopback Interface

image.png

image.png

Redirect SSL-VPN Traffic

We now need to make sure the SSL-VPN Traffic actually reaches the new SSL-VPN Interface. We will use a Virtual IP with Port Forwarding for that.

image.png

image.png

image.png

Allow Traffic to new Interface

image.png

image.png

image.png

Revision #1
Created 3 October 2025 22:00:30 by Oliver Karger
Updated 3 October 2025 22:05:49 by Oliver Karger