Skip to main content
UserY
UserY
Visitor III
March 22, 2023
Question

Fortigate SSL VPN or IPSec VPN

  • March 22, 2023
  • 2 replies
  • 2624 views

Hello everybody,

 

we currently have SSL VPN in use. The users in the home office keep getting disconnections in the Forticlient, so they have to log in again and again. Are there any solutions to make the VPN connection more stable so that there are hardly any VPN disconnects during the day? How is your VPN Configuration at your company?

 

Background: We want configure 2FA (2-factor-authentication) on our VPN. So we need a stable connection. That the User don't need to authenticate after every disconnect from the VPN

 

Glad about any feedback & thank you

2 replies

srajeswaran
Staff
srajeswaran
Staff
March 22, 2023

Can you check if the idle-time is set to 300 sec(default value), if so, the tunnel will get disconnected if the user don't use suystem for 5 minutes.

Try configuring a higher idle time and monitor.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-timers-explanation-and-SSL-VPN-Login/ta-p/203615

    UserY
    UserYAuthor
    Visitor III
    March 22, 2023

    Hello @srajeswaran thanks for your reply. The Idle Logout Time for Inactive is 600 seconds.

    srajeswaran
    Staff
    srajeswaran
    Staff
    March 22, 2023

    which is 10 minutes, I think the VPN will go down if the user is away for a break. Can you increase it to atleast an hour and check?

    funkylicious
    SuperUser
    funkylicious
    SuperUser
    March 22, 2023

    See if this helps, https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SSL-VPN-to-allow-tunnel-reconnection/ta-p/220498

    "jack of all trades, master of none"
    Terms & ConditionsAccessibility statement