Re: SSL-VPN Realm - issue with setup...
I should have been more clear in my previous posts, sorry.
We had an SSL-VPN setup with a realm for mobile client users setup and working. On Friday, it just stopped working.
Specifically, IOS devices were unable to connect via the Forticlient using the realm set for tunnel mode. Android Forticlient users were still working on that realm and so were the SSL-VPN Web users that connected via browser. After a reboot of the firewalls, no mobile client users were able to connect but the SSL-VPN Web users still working fine.
While troubleshooting the issue, we noticed that the link shown for the URL was referencing the inside interface. We had mistakenly thought this was specifying the actual URL users were supposed to use to connect, but it turned out to be just an example URL. This is why the post referenced manually setting the interface for the URL.
We later determined the example URL was based on the interface you logged into the firewall on:
And confirmed by accessing from a different interface:
We confused the example URL as an informative section like the SSL-VPN port listened on set under the SSL-VPN settings page:
As part of our troubleshooting process we deleted/recreated the SSL-VPN realms and deleted/ recreated the users/groups under Authentication/Portal Mapping on the SSL-VPN Settings page. We had not noticed this had resolved the issue as we were focused on the non-issue of the example URL.
I hope this clears up any confusion.