When using a web-mode SSL VPN bookmark to browse an internal web server, which IP address is used as the source of the HTTP request?

When using a web-mode SSL VPN bookmark to access an internal web server, the source of the HTTP request is the FortiGate unit's internal IP address. This is because the SSL VPN creates a secure tunnel between the remote user and the FortiGate unit. In this setup, the remote user’s traffic, including HTTP requests made through the bookmark, is routed through the FortiGate unit.

Since the web-mode operates in a manner where the FortiGate acts as a proxy, it makes the actual request to the internal web server on behalf of the remote user. The internal web server then sees the source of the request as originating from the FortiGate unit's internal IP address, not the remote user's virtual or public IP address. This design helps maintain security by hiding the actual source of the user and facilitates proper routing and access control based on the internal network configuration.