Monitoring authenticated users

Monitoring SSL VPN users

You can monitor web-mode and tunnel-mode SSL VPN users by username and IP address.

To monitor SSL VPN users, go to Monitor > SSL-VPN Monitor. To disconnect a user, select the user and then select the Delete icon.

The first line, listing the username and IP address, is present for a user with either a web-mode or tunnel-mode connection. The Subsession line is present only if the user has a tunnel mode connection. The Description column displays the virtual IP address assigned to the user’s tunnel-mode connection.

For more information about SSL VPN, see the FortiOS Handbook SSL VPN guide.

To monitor SSL VPN users – CLI:

To list all of the SSL VPN sessions and their index numbers:

execute vpn sslvpn list

The output looks like this:

SSL-VPN Login Users:

Index   User   Auth Type   Timeout         From      HTTPS in/out  0       user1  1           256       172.20.120.51   0/0

SSL-VPN sessions:

Index   User   Source IP        Tunnel/Dest IP

0       user2  172.20.120.51    10.0.0.1

You can use the Index value in the following commands to disconnect user sessions:

To disconnect a tunnel-mode user execute vpn sslvpn del-tunnel <index>

To disconnect a web-mode user

execute vpn sslvpn del-web <index> You can also disconnect multiple users:

To disconnect all tunnel-mode SSL VPN users in this VDOM execute vpn ssl del-all tunnel

To disconnect all SSL VPN users in this VDOM execute vpn ssl del-all

This entry was posted in FortiGate, FortiOS 5.6 on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.