İçeriğe geç



SSL VPN, Güvenli Yuva Katmanı (Secure Sockets Layer) protokolü ile çalışan ve Web tarayıcıları ile HTTPS (Hiper Metin Transferi Protokolü – Güvenli) protokolü üzerinden erişilebilen bir VPN çeşitidir.

SSL VPN ile aşağıdaki durumlar sağlanmış olur:

  • VPN ile bağlanmış olan tüm ağlar, sanki aynı ağdaymış gibi çalışır.
  • Merkez ve diğer lokasyonlar arasında merkezden yönetilebilir bir ağ yapısı sağlanmış olur.
  • Ağlardaki yerel ağ alt yapısı veya IP adresleri değişmeden, SSL teknolojisi ile güvenliği sağlanan bir veri iletim ortamı oluşur.
  • Yönetici tarafından erişim izinleri farklı olarak atanabilir ve böylece bazı kaynaklara erişim kısıtlanabilir. Erişimin kısıtlanabilir olması bir güvenlik önlemidir. Örneğin bir şirket, iş ortağının sadece hafta içi mesai saatleri içerinde ağ kaynaklarına erişim izni vermek isteyebilir. Böylelikle sistem hep kontrol altında tutulur. 
  • SSL VPN teknolojisi ile yapılabilecek genel uygulamalar içinde; e-posta, dosya paylaşımı, dosyalara uzaktan erişim ve uzaktan sistem yönetimi bulunur. 



İlk yapmamız gereken bir tane SSL VPN portalı oluşturmamız gerek veya var olan bir ssl vpn portalını da kullanabiliriz.

NOT: Routing Address’i Addresses policy’i oluşturduktan sonra bind ediyoruz.

VPN > SSL-VPN Portals > Create New(veya var olanı seç)


SSL VPN Portalımızı oluşturduktan sonra SSL VPN Settings’i oluşturmamız gerekiyor.

SSL VPN Setting’imizi oluştrurken SSL VPN yapacak kullanıcıları eklememiz gerekmektedir. Kullanıcıları User &Device > User Deifinition > Creat New diyerek ekleyebilirsiniz veya aşağıda da gözüktüğü üzere Creat New diyerek oluşturabilirsiniz.

VPN > SSL VPN Settings

Listen on İnterface: Dış bacağımız yani WAN

Listen on Port: SSL VPN için kullanacığınız port

Authentication/Portal Mapping: SSL VPN yapacak user veya user group’ları


SSL VPN Portals ve Settings’i oluşturduktan sonra Addresses policy’i oluşturmamız gerek ve bu oluşturmuş olduğumuz Addresses policy’i SSL VPN Portals’a bind etmemiz gerekiyor.

POLICY & OBJECT > Addresses > Create New


Addresses policy’i oluşturduktan sonra bir adet “Local” için bir adet de “Wan” interface’leri için IPv4 Policy’i oluşturmamız gerekiyor.

POLICY & OBJECT >IPv4 Policy > Create New


FortiGate üzerindeki bütün işlemleri gerçekleştirdikten sonra modemimizden FortiGate’ de belirlediğimiz portu açmamız gerekmektedir.

Dış Başlangıç Port: 10443

Dış Bitiş Port: 10443

İç Başlangıç Port: 10443

İç Bitiş Port: 10443

Yerel Kullanıcı: Firewall’umuzun ip address’ini yazıyoruz.


30 Yorum

  1. You’re so awesome! I do not believe I have read anything like that before.
    So good to find somebody with original thoughts on this subject matter.
    Really.. thank you for starting this up. This site is something that is needed on the web, someone with some originality!

  2. Pretty! This was a really wonderful post. Many thanks for providing these details.

  3. I do trust all of the ideas you’ve presented on your post. They’re really convincing and can definitely work. Nonetheless, the posts are very short for starters. Could you please lengthen them a little from next time? Thank you for the post.|

  4. Undeniably believe that which you said. Your favorite reason appeared to be on the internet the simplest thing to be aware of. I say to you, I certainly get irked while people consider worries that they plainly do not know about. You managed to hit the nail upon the top and also defined out the whole thing without having side-effects , people could take a signal. Will likely be back to get more. Thanks|

  5. It’s awesome designed for me to have a site, which is beneficial designed for my knowledge. thanks admin|

  6. I blog frequently and I genuinely thank you for your information. The article has really peaked my interest.
    I’m going to book mark your site and keep
    checking for new details about once per week.

    I subscribed to your RSS feed too.

  7. I constantly spent my half an hour to read this weblog’s posts everyday along with a mug of coffee.|

  8. When someone writes an post he/she keeps the idea of a user in his/her brain that how a user can understand it. Thus that’s why this paragraph is amazing. Thanks!|

  9. Thanks for sharing your thoughts about %meta_keyword%. Regards|

  10. Asking questions are actually nice thing if you are not
    understanding anything completely, except this post gives fastidious understanding

  11. Excellent blog here! Also your website loads up very fast! What host are you using? Can I get your affiliate link to your host? I wish my site loaded up as quickly as yours lol|

  12. Hi! Would you mind if I share your blog with my zynga group? There’s a lot of people that I think would really enjoy your content. Please let me know. Cheers|

  13. Wonderful beat ! I would like to apprentice while you amend your website, how could i subscribe for a blog
    web site? The account helped me a acceptable deal. I had been a little bit acquainted of this your broadcast offered bright clear concept 0mniartist asmr

  14. Your style is very unique compared to other folks I’ve read stuff from.

    Thanks for posting when you have the opportunity, Guess I’ll just bookmark
    this web site. asmr 0mniartist

  15. I was curious if you ever considered changing the structure of your blog?
    Its very well written; I love what youve got to say. But maybe you could a little more in the
    way of content so people could connect with it better.
    Youve got an awful lot of text for only having 1 or two images.
    Maybe you could space it out better? asmr 0mniartist

  16. I appreciate, result in I found exactly what I was
    taking a look for. You’ve ended my 4 day lengthy hunt!
    God Bless you man. Have a nice day. Bye 0mniartist asmr

  17. Wow, awesome blog layout! How long have you been blogging for?

    you make blogging look easy. The overall look of your website is wonderful,
    as well as the content! 0mniartist asmr

  18. Link exchange is nothing else but it is only placing the other person’s weblog link on your
    page at proper place and other person will also do similar in support of you.

  19. I am regular reader, how are you everybody? This paragraph posted at this website is in fact nice.|

  20. I really enjoy the blog.Thanks Again. Keep writing.

  21. Good post! We will be linking to this great content on our site.
    Keep up the great writing.

  22. Post writing is also a excitement, if you be familiar with then you can write if not it is difficult to

  23. Excellent blog here! Also your site loads up fast! What host are you
    using? Can I get your affiliate link to your host? I wish my site loaded up as
    fast as yours lol

  24. Good day! This is my 1st comment here so I just wanted to give a quick shout out and tell you I really enjoy reading
    through your articles. Can you recommend any other blogs/websites/forums that
    deal with the same subjects? Many thanks!

  25. I’ll right away grasp your rss feed as I can not to find your e-mail subscription hyperlink or e-newsletter service.
    Do you have any? Kindly allow me understand so that I may just subscribe.

  26. We’re a group of volunteers and starting a new
    scheme in our community. Your website offered us
    with valuable information
    to work on. You have done a
    formidable job and our entire community will be
    thankful to you.

  27. fantastic and also fantastic blog. I truly want to
    thanks, for giving us far better details.

  28. I’m not that much of a online reader to be honest but
    your sites
    really nice, keep it up! I’ll go ahead and bookmark
    your website to come back later on.
    All the best

Bu yazı yorumlara kapalı.