Troubleshooting Tip: Create logs to troubleshoot being unable to connect to SSL VPN
| Description | This article describes the logs necessary to collect when troubleshooting an issue where the user is unable to connect to the SSL VPN. |
| Scope | FortiOS. |
| Solution | Execute the following commands in the FortiGate, connect to SSL VPN, and observe the logs.
diagnose vpn ssl debug-filter src-addr4 <X.X.X.X> Client's IP diagnose debug application sslvpn -1 diagnose debug application fnbamd -1 diagnose debug console timestamp enable
Executing these commands will provide logs necessary to help the support team reproduce the issue by observing the logs for errors.
To disable
diagnose debug disable diagnose debug reset
Note: x.x.x.x should be the public IP of the connecting user. The filter will ensure that the debug information relevant only to traffic from the specified IP address is captured, helping to focus on specific client troubleshooting.
SSL VPN event logs can also be checked to get more details
|