Topic Thread

Expand all | Collapse all

Limit Concurrent Total SSL VPN Users

  • 1.  Limit Concurrent Total SSL VPN Users

    Posted 03-09-2018 05:31

    From what I can see there is not a way to limit concurrent VPN users. I am looking for a setting on the FortiGate that would say only 20 VPN users can be connected at a time. I see the settings per user. Just wanted to see if I am missing an option. Thanks



  • 2.  Limit Concurrent Total SSL VPN Users

    Posted 03-09-2018 05:36
    I believe you “could” break out rules with user groups and user concurrency limits that would limit users to 20 per group/rule, but this would be an admin nightmare. Not sure there is a way to limit this globally…as in 20 total at any given time.

    What is the problem you are actually trying to resolve? The FGTs can handle quite a bit.

    /t

    From: Peter Cook via Firewall: [firewall@...
    Sent: Friday, March 9, 2018 9:31 AM
    To: firewall@lists.fusecommunity.fortinet.com
    Subject: [Firewall:] - Limit Concurrent Total SSL VPN Users


    From what I can see there is not a way to limit concurrent VPN users. I am looking for a setting on the FortiGate that would say only 20 VPN users can be connected at a time. I see the settings per user. Just wanted to see if I am missing an option. Thanks

    -----End Original Message-----


  • 3.  RE: Limit Concurrent Total SSL VPN Users

    Posted 03-09-2018 05:47

    Thanks Tony. We are looking to duplicate a prior firewall setup that is tied to billing. The client paid for 20 concurrent VPN users on the old firewall as that was tied to a license. Trying to see how closely I can duplicate that setup. 



  • 4.  Limit Concurrent Total SSL VPN Users

    Posted 03-09-2018 06:09
    ….assuming as in an MSSP model. There may be something that can be done on the radius side…such as with FortiAuth and the API. But I do not think you can do this in the FortiOS directly. Maybe someone else can fill us in.

    /t

    From: Peter Cook via Firewall: [firewall@...
    Sent: Friday, March 9, 2018 9:47 AM
    To: firewall@lists.fusecommunity.fortinet.com
    Subject: [Firewall:] - RE: Limit Concurrent Total SSL VPN Users


    Thanks Tony. We are looking to duplicate a prior firewall setup that is tied to billing. The client paid for 20 concurrent VPN users on the old firewall as that was tied to a license. Trying to see how closely I can duplicate that setup.

    -----End Original Message-----


  • 5.  RE: Limit Concurrent Total SSL VPN Users

    Posted 03-09-2018 06:10

    Exactly. Thanks and have been looking at Radius, just wanted to make sure I wasn't making it more complex than needed.



  • 6.  RE: Limit Concurrent Total SSL VPN Users

     
    Posted 03-12-2018 09:22

    You can simply create an IP Pool with 20 IPS for the SSL SPN Users. This way only 20 users can be connected at the same time.

    Rony Moussa

    NSE Certified : Level 8



  • 7.  RE: Limit Concurrent Total SSL VPN Users

    Posted 03-12-2018 09:31

    That is brilliant! Thanks