SSL VPN enhancements What’s new in FortiOS Version 4.0 MR1
FortiGate Version 4.0 MR1 Administration Guide
40 01-410-89802-20090903
http://docs.fortinet.com/ • Feedback
OS Check changes
The client operating system checks are now configurable only in the CLI, but the
supported operating systems now include Windows Vista.
config vpn ssl web portal
edit <portal_name>
set os-check enable
config os-check-list {windows-2000 | windows-xp |
windows-vista}
set action {allow | check-up-to-date | deny}
set latest-patch-level {disable | 0 - 255}
set tolerance {tolerance_num}
end
Client check changes
The client check, which ensures that clients have antivirus or firewall software installed, is
now called Host Check. You no longer specify whether to check for FortiClient Endpoint
Security or third-party software. If the client computer is running any antivirus or firewall
software that the Windows Security Center recognizes, it will pass the Host Check. You
can also add applications to the FortiGate unit’s list of acceptable host check software.
To configure host check - web-based manager
1 Go to VPN > SSL > Portal.
2 Select the Edit icon for the web portal.
3 Select the Settings button.
4 Select the Security Control tab.
5 From the Host Check list, select one of the following options:
• None — no host check
• AV — antivirus software required
• FW — firewall software required
• AV-FW — antivirus and firewall software required
• Custom — check for software defined in VPN > SSL > Host Check
6 Enter the Interval, in seconds, between host checks. Or, enter 0 to disable repeated
host checks.
7 Select OK.
To configure host check - CLI
config vpn ssl web portal
edit <portal_name>
set host-check {none | av | fw | av-fw | custom}
set host-check-interval <seconds>
end
To Next Page
Loading...
