Troubleshooting Tip: FortiClient SSL VPN connectivity failure while using iPhone Hotspot

By default, wireless network adapters are set to an MTU value of 1500 bytes for Windows OS.

Step 1: Check the current set value for the Wi-Fi adapter from the Windows command terminal running the following command:

netsh interface ipv4 show subinterface
MTU MediaSense State Bytes In Bytes Out Interface
---------- --------------- ------------ ------------ -------------
4294967295 1 0 716768 Loopback Pseudo-Interface 1
1500 1 33631981 24199045 Wi-Fi<--------  wifi adapter
1400 5 0 0 Ethernet
1392 5 0 0 Ethernet 3
1500 5 0 0 Local Area Connection* 3
1500 5 0 0 Local Area Connection* 12
1500 1 2292874705 417774525 Ethernet 5

The first column has the MTU value. The wifi adapter will have Wi-Fi in the Interface column.

Step 2: Test the following from commands with different values of MTU (e.g.,1200, 1300, 1350, 1400, and so on) until ping failure is observed with the highest value while connected to the mobile Hotspot.

ping 8.8.8.8 -f -l 1300  <- Start with 1300 and keep increasing the MTU value in increments of 50.

Step 3: Once the ping is successful with the max MTU value, set that value to the physical wireless network card in the Windows machine from the command terminal. It is required to run the command prompt as an Admin user.

netsh interface ipv4 set interface "Wi-Fi" mtu=1400   <- This will set the MTU size to 1400.

Step 4: Try to connect to SSL VPN using FortiClient to see whether everything is working as expected.