SSL VPN for Windows Phone 8.1

Facebooktwittergoogle_plusredditpinterestlinkedinFacebooktwittergoogle_plusredditpinterestlinkedin

In this example, you will connect to a private network with a Windows Phone, using an SSL VPN.

This recipe is also available in Portuguese.

1. Creating a VPN portal with custom bookmarks

Go to VPN > SSL > Portals and create a new portal.

Enable both Tunnel Mode and Web Mode. Disable Split Tunneling and set Source IP Pools to use the default SSL VPN tunnel address range.

Under Predefined Bookmarks, create bookmarks to access resources on the internal network.

 

2. Creating a user and user group

Go to User & Device > User > User Definition and create a new local user.
Go User & Device > User > User Groups and create a new user group. Set Members to include the new user.

3. Configuring the VPN tunnel

Go to VPN > SSL > Settings and set Listen on Interface(s) to wan1.

Set Listen on Port to 10443 and Specify custom IP ranges using the default SSL VPN tunnel addresses.

Under Authentication/Portal Mapping, add the new user group.

4. Creating security policies

Go to Policy & Objects > Policy > IPv4.

Add a security policy allowing access to the internal network through the ssl.root VPN tunnel interface.

Set Incoming Interface to ssl.root.

Set Source Address to all and select the Source User new user group.

Set Outgoing Interface to the local network interface so that the remote user can access the internal network.

Set Destination Address to all, enable NAT, and configure any remaining firewall and security options as desired.

 

Add a second security policy allowing SSL VPN access to the Internet.

For this policy, Incoming Interface is set to ssl.root and Outgoing Interface is set to your Internet-facing interface.

 

3. Results

Using your Window Phone’s web browser, access the portal. The portal’s address is the IP address of your Internet-facing interface with the port the SSL VPN tunnel is listening to, and it must be accessed using HTTPS (in the example, https://201.21.161.9:10443).

Log in using the credentials for your SSL VPN user.

After your credentials are accepted, you will be able to see the VPN portal.
Select one of the pre-defined bookmarks (in the example, the bookmark for a FortiManager device). You will be able to access the network resource.

For further reading, check out The SSL VPN web portal in the FortiOS 5.2 Handbook.

 

Victoria Martin

Victoria Martin

Technical Writer & Head Cookbook Chef at Fortinet
Victoria Martin works in Ottawa as part of the FortiOS technical documentation team. She graduated with a Bachelor's degree from Mount Allison University, after which she attended Humber College's book publishing program, followed by the more practical technical writing program at Algonquin College. She does need glasses but also likes wearing them, since glasses make you look smarter.
Victoria Martin

Latest posts by Victoria Martin (see all)

  • Was this helpful?
  • Yes   No