If you are using a FortiOS 6.0.1 or later: To allow multiple interfaces to connect, use the following CLI commands. This can cause the session to become “dirty”. This might occur if there are multiple interfaces connected to the Internet, for example, SD-WAN. To troubleshoot tunnel mode connections shutting down after a few seconds: Set login-timeout 180 (default is 30) set dtls-hello-timeout 60 (default is 10) InįortiOS 5.6.0 and later, use the following commands to allow a user to increase timers related to SSL VPN login.
When you get a connection error, select Export logs.Set the Log Level to Debug and select Clearlogs.In the Logging section, enable Export logs.Export and check FortiClient debug logs.The default ip-pools SSLVPN_TUNNEL_ADDR1 has 10 IP addresses. Check that SSL VPN ip-pools has free IPs to sign out.
FortiClient uses IE security setting, In IE Internet Option > Advanced > Security, check that Use TLS 1.1 and Use TLS 1.2 are enabled.Check the Release Notes to ensure that the FortiClient version is compatible with your version of FortiOS.To troubleshoot FortiGate connection issues: Check the browser has TLS 1.1, TLS 1.2, and TLS 1.3.
Ensure FortiGate is reachable from the computer.
Check that you are using the correct port number in the URL.Check the URL you are attempting to connect to.Check that the policy for SSL VPN traffic is configured correctly.Go to Policy > IPv4 Policy or Policy > IPv6 policy.Check the Restrict Access settings to ensure the host you are connecting from is allowed.To troubleshoot getting no response from the SSL VPN URL:
0 kommentar(er)
