Hi,
i have fortigate 111C firewall and i have only 1 network behind it. On that firewall i have 3 remote locations. When i configure VPN on windows server, VPN user has access to all local and remote networks. What i would like to do is put windows VPN server inside some different subnet and from there control which VPN user (AD user) has access to which subnet. Now since i never worked with NAP can NAP control this? Fortigate will route traffic between subnets. I am just not sure how and with what i can control subnet access by username.