10-17-2021 08:25 PM
Hi,
I do have a setup where the environment is using Forti Client VPN for their remote access VPN. In this scenario, I want to enforce a posturing and client provisioning with AnyConnect but using Forti Client as the remote VPN.
I tried to find any documentation of ISE posturing with the third party products but to no avail. Has anybody done this ? Appreciate if can help on how to deploy the posturing for this scenario.
Thanks
Solved! Go to Solution.
10-06-2023 05:18 AM
Yes but this doesn't work last time I tested. FortiGate didn't support CoA for VPN users, only those on managed switches or APs. FortiGate also doesn't support URL redirection for SSL VPN clients. Finally, the ISE DHCP/DNS server cannot be used here since FortiGate does not support DHCP relay for VPN clients.
10-21-2021 08:04 PM
HI @Lauren957
I just want to understand this, do you mean we can run both VPN client Fortinet and Cisco Anyconnect at the same time ? How does anyconnect provide secure vpn access to the Forticlient VPN ? If so, how does ISE trigger to for client provisioning for posturing if we are using Forticlient ?
10-05-2023 04:58 AM
Just so I'm clear, you're saying that Fortinet and Cisco's AnyConnect VPN clients can coexist? When connecting to the Forticlient VPN, how does anyconnect ensure a secure connection? If that's the case, how does ISE communicate with Forticlient to initiate client provisioning for posturing? CredibleBH
10-06-2023 05:18 AM
Yes but this doesn't work last time I tested. FortiGate didn't support CoA for VPN users, only those on managed switches or APs. FortiGate also doesn't support URL redirection for SSL VPN clients. Finally, the ISE DHCP/DNS server cannot be used here since FortiGate does not support DHCP relay for VPN clients.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide