Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
dbabic
Staff
Staff

Created on ‎09-11-2019 04:41 AM Edited on ‎03-26-2025 11:05 PM By Moderator

Article Id 197837

Troubleshooting Tip: FortiClient SSL VPN connection status gets stuck at 40%

Description

 

This article describes how to connect to SSL VPN when the status gets stuck at 40%.

 

Scope

 

FortiGate.

Solution


The SSL VPN sometimes gets stuck at 40%. This can be caused when the FortiClient opens a new window in the back asking to proceed as the certificate is untrusted as per the following:

 
After selecting 'yes', the connection will proceed normally.
 
This can also be caused by an expired custom server certificate on the FortiGate. As a workaround, choose the Fortinet_Factory certificate while waiting for certificate renewal from the CA.
 
Note: A special case where sslvpn stops at 40% can be a missing configuration on the FortiGate side, especially a firewall policy where the ssl.root is the source interface, similar to the image below:
 
sslvpnpolicy.PNG

 

82307
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.