Fortinet FORTIOS V3.0 MR7 Launching web portal applications

FortiOS v3.0 MR7 SSL VPN User Guide

68 01-30007-0348-20080718

Launching web portal applications Working with the web portal

In the Tools area, you can connect to a web server or start a telnet session. You

can also check connectivity to a host or server on the network behind the

FortiGate unit. For more information, see “Starting a session from the Tools ar ea”.

Launching web portal applications

The FortiGate unit forwards client requests to servers on the Internet or internal

network. To use the web-portal applications, you add the URL, IP address, or

name of the server application to the My Bookmarks list (see “Adding a bookmark

to the My Bookmarks list”).

One or more of the following server applications may be available to you,

depending on whether they were installed by the server administrator:

• Web servers (HTTP/HTTPS) download HTML pages in response to web

browser requests.

• Telnet servers (TCP/IP Terminal Emulation Protocol) enable you to use your

computer as a virtual terminal to log in to a remote host.

• FTP (File Transfer Protocol) servers enable you to transfer files between your

computer and a remote host.

• SMB/CIFS servers implement the Server Message Block (SMB) protocol to

support file sharing between your computer and a remote server host.

• VNC (Virtual Network Computing) servers enable you to remotely control

another computer, for example, accessing work from your home computer.

• RDP (Remote Desktop Protocol) servers have a multi-channel protocol that

allows users to connect to computers running Microsoft Terminal Services.

• SSH (Secure Shell) servers enable you to exchange data between two

computers using a secure channel.

When you access any of these server applications, the server may prompt you for

a user name and password. To log in, you must have a user account created by

the server administrator.

When a FortiGate unit forwards client requests to servers on the Internet or

internal network, there may be a requirement to access a site with a name or

address that should not be exposed. For HTTP/HTTPS, the FortiGate unit

employs an obfuscation technique that encrypts the hostname with a random key

using AES-128, then the corresponding hex value plus ‘Z’ is added at the

beginning to form the encoded name.

For example, in the case of the URL http://test.org/index.html, the FortiGate unit

would translate to the following:

https://<sslvpn_host:port>/proxy/http/Z<encrypted hex value>/index.html

Note: If you want to access a web server or telnet server without first adding a bookmark to

the My Bookmarks list, type the URL or IP address of the server into the appropriate field

under Tools instead (see “Starting a session from the Tools area”).

Note: Windows file sharing through SMB/CIFS is supported through shared directories.