【Notice】Future operational policy following discontinuation of SSL-VPN tunnel mode by Fortinet

Top / Company / news / 【Notice】Future operational policy following discontinuation of SSL-VPN tunnel mode by Fortinet

May 2, 2025

Thank you for your continued support and use of our services.

As noted in the official release notes issued by Fortinet, SSL-VPN tunnel mode (tunnel mode) is no longer supported in FortiOS 7.6.3 and and later versions adopted by FortiGate.

It is advised that customers currently under contract for our services that use FortiGate take note and consider the following points below.

Fortinet Annoucement Summary

  • As of FortiOS 7.6.3, SSL-VPN tunnel mode is no longer supported. The current stable (Mature) release, FortiOS 7.4, will remain available until November 2027, though this may change depending on future security updates.
  • Moving forward, it is strongly recommended to transition to Zero Trust Network Access (ZTNA) or IPSec VPN as more secure alternatives.
  • Reevaluating the use of SSL-VPN is critical to help prevent the recurrence of zero-day vulnerabilities that have emerged in the past.

InfiniCloud's Response

InfiniCLOUD places the highest priority on the security of the infrastructure we provide. To enhance protection and minimize risk, we have adopted the following security policies:

  1. Customers using FortiGate-based services such as our “FortiGate Service” and “Cloud-Based Remote VPN Service” are encouraged to gradually phase out the use of SSL-VPN.
  2. For continued VPN access, we recommend transitioning to IPSec-based remote VPN (L2TP/IPSec), which offers improved security and stability.
  3. We also advise separating VPN and UTM (firewall) functions, and disabling SSL-VPN unless absolutely necessary to reduce potential vulnerabilities.

※For customers using FortiGate-VM within HRPC or VMPC, please note that the management of FortiOS versions and the enabling/disabling of features remain under the customer's control. However, the above recommendations apply to all users regardless of environment.

We would also like to reassure our customers that, based on our investigation using information available on the official Fortinet website, there is currently no indication of any security breach involving our FortiGate Service or the FortiGate devices used in the Cloud-Based Remote VPN Service.

Message to Customers

  • Regardless of your service scope, we recommend that all customers using FortiGate SSL-VPN review its current configuration and assess any potential impact prior to upgrading to a newer version.
  • If you are considering future VPN configuration changes or exploring alternative solutions, please don’t hesitate to contact our sales team for guidance and support.

Inquiries Regarding This Matter

For technical inquiries or product implementation, please contact us using the form provided below.

InfiniCloud will continue to do is utmost to support you so that your system operations become safer and more stable. We appreciate and look forward to your continued support.