Troubleshooting Tip: SSL VPN stopped working, FortiGate responding with RST

SSL VPN configured is fully functional. However, it stops working without any SSL VPN config changes.

config vpn ssl settings
    set servercert "Fortinet_Factory"
    set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
    set tunnel-ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
    set port 10443
    set source-interface "Internet"
    set source-address "all"
    set source-address6 "all"
    set default-portal "full-access"
end

On the FortiGate, incoming traffic can be seen with a response as RST, not letting TCP 3-way handshake established.

Internet in 172.16.10.3.51308 -> 192.168.10.1.10443: syn 3088753788

Internet out 192.168.10.1.10443 -> 172.16.10.3.51308 : rst 3088753789

A VIP is added on the same destination port as SSL VPN, stopping it from working as before. 

config firewall vip
    edit "Test-VIP"
        set uuid 83191566-d198-51ef-c4a3-4ff8e841cf94
        set extip 192.168.10.1
        set mappedip "10.10.10.1"
        set extintf "any"
        set portforward enable
        set extport 10443
        set mappedport 443
    next
end

To fix this:

1. Delete the VIP.
2. Use a different extport on VIP.
3. Use a different SSL VPN port.