Remote access must be both convenient and controlled. Below is a baseline approach for FortiGate VPN setup: user preparation, enabling SSL VPN or IPsec, firewall rules, and enforcing multi-factor authentication.
Best practices:
— enable MFA for all users;
— restrict access by groups and networks;
— log events and configure alerts;
— validate split tunneling and internal resource access.