Description | This article describes that SSL VPN is not working when FortiGate is on NGFW Policy-based. |
Scope | FortiGate. |
Solution |
When FortiGate is operating in NGFW mode Policy-based, SSL VPN may not work, although it is configured under SSL VPN settings with a security policy to allow the traffic. When running the sniffer, TCP three-way handshake is not completing and sslvpnd is not running:
In Policy-based NGFW, it is also necessary to have an SSL inspection policy under Policy&Objects -> SSL Inspection&Authentication for the SSL VPN traffic otherwise the sslvpnd will not start.
Related document: |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.