Description
This article describes the behavior of FortiClient when customers see many ssl-exit-error and ssl-new-con events in the VPN events log on a FortiGate firewall.
Scope
SSL-VPN, FortiClient, Windows.
Solution
This is expected behavior of FortiClient (Windows).
Developer Team: It is common to do a probe connect first (attempt a socket connection with a 3-second timeout, then close the connection right away if the connection is OK), then start the actual login process.
The behavior was reproduced in the TAC-KL lab: before the actual login from user1 (Remote IP: 10.47.2.4), there were ssl-new-con and ssl-exit-error events from user N/A.
In the ssl-exit-error event, we also observed the reason 'DH lib', similar to the customer's logs.
In the ssl-new-con event, we also observed the reason 'N/A', similar to the customer's logs.
After these 2 events, user1 logged in successfully and the tunnel was established with tunnel IP address 10.212.134.200.
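One way to separate these probe events from ssl-exit-error events that are not followed by a login when reviewing exported VPN event logs (an added example, not Fortinet code). The key=value field names, the `tunnel-up` action used to mark a successful login, the 60-second correlation window and the sample log lines are assumptions constructed for illustration.

```python
import shlex
from datetime import datetime, timedelta

# Constructed sample lines in key=value style; field names are assumed, not taken from the article.
SAMPLE_LOG = """\
date=2024-05-01 time=10:00:00 subtype="vpn" action="ssl-new-con" remip=10.47.2.4 user="N/A" reason="N/A"
date=2024-05-01 time=10:00:00 subtype="vpn" action="ssl-exit-error" remip=10.47.2.4 user="N/A" reason="DH lib"
date=2024-05-01 time=10:00:02 subtype="vpn" action="ssl-new-con" remip=10.47.2.4 user="N/A" reason="N/A"
date=2024-05-01 time=10:00:05 subtype="vpn" action="tunnel-up" remip=10.47.2.4 user="user1" tunnelip=10.212.134.200
date=2024-05-01 time=11:30:00 subtype="vpn" action="ssl-new-con" remip=192.0.2.77 user="N/A" reason="N/A"
date=2024-05-01 time=11:30:00 subtype="vpn" action="ssl-exit-error" remip=192.0.2.77 user="N/A" reason="DH lib"
"""

def parse_line(line):
    """Split one key=value log line into a dict; shlex keeps quoted values intact."""
    fields = dict(tok.split("=", 1) for tok in shlex.split(line) if "=" in tok)
    fields["ts"] = datetime.strptime(
        fields["date"] + " " + fields["time"], "%Y-%m-%d %H:%M:%S")
    return fields

def classify_exit_errors(log_text, window_s=60, login_action="tunnel-up"):
    """Label each anonymous ssl-exit-error as 'probe' when the same remote IP
    completes a login within window_s seconds afterwards, else 'unexplained'."""
    events = [parse_line(l) for l in log_text.splitlines() if l.strip()]
    logins = [e for e in events
              if e.get("action") == login_action
              and e.get("user") not in (None, "N/A")]
    results = []
    for e in events:
        if e.get("action") != "ssl-exit-error" or e.get("user") != "N/A":
            continue
        # Look for a later successful login from the same remote IP.
        match = next(
            (l for l in logins
             if l.get("remip") == e.get("remip")
             and timedelta(0) <= l["ts"] - e["ts"] <= timedelta(seconds=window_s)),
            None)
        verdict = "probe" if match else "unexplained"
        results.append((e.get("remip"), e["ts"].strftime("%H:%M:%S"),
                        verdict, match["user"] if match else None))
    return results

if __name__ == "__main__":
    for row in classify_exit_errors(SAMPLE_LOG):
        print(row)
```

Events labelled `unexplained` are the ones worth reviewing separately, since no login from that remote IP followed them within the window.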
Copyright 2024 Fortinet, Inc. All Rights Reserved.