Hi!
I am running tunnel mode ssl vpn without adding static route of my SSL VPN subnet pointing to ssl.root and everything works fine.
whats the use of setting up this static route?
thanks
Solved! Go to Solution.
The reason is to allow inside devices/applications reach the clients from their ends. Especially when the client machine is running some UDP based applications connected to a server, which needs to send spontaneous updates or something periodically or on-demand, the server can't reach the client to deliver the UDP packets.
That's another reason if you have other routers/firewalls relying on redistributed routes from the FGT over a routing protocol, if the FGT is not their default GW.
The reason is to allow inside devices/applications reach the clients from their ends. Especially when the client machine is running some UDP based applications connected to a server, which needs to send spontaneous updates or something periodically or on-demand, the server can't reach the client to deliver the UDP packets.
ok Thanks for the information. I guess it can also be used for BGP rourte distribution?
That's another reason if you have other routers/firewalls relying on redistributed routes from the FGT over a routing protocol, if the FGT is not their default GW.
Maybe if you are running OSPF and redistributing statics and the FGT isn't on your default egress path?
Edit:
Sorry. I hadn't changed my view mode to flat, i thought this was unanswered.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.