Created on
01-22-2025
04:43 AM
Edited on
01-26-2025
10:30 PM
By
Anthony_E
Description | This article describes a scenario where Central SNAT is enabled in the FortiGate and users are unable to connect to the SSL VPN and getting disconnected at 10% with 'Unable to establish the VPN connection. The VPN server may be unreachable' error. |
Scope | FortiGate with Central SNAT enabled. |
Solution |
diagnose sniffer packet any "host x.x.x.x and port y" 4 0 a Replace x.x.x.x with the public IP of the user trying to connect, and y with the SSL VPN listening port.
diagnose debug application sslvpn -1 If no logs are seen under the SSL debug logs, proceed to step 3.
diag sys process pidof sslvpnd If no sslvpnd process is up and running on the FortiGate, proceed to step 4.
|
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.