FortiGate
mle2802
Staff
Article Id 332709
Description This article describes how to troubleshoot the error 'connection reset while accessing SSL VPN web mode'.  
Scope FortiGate. 
Solution

When running an SSL VPN debug, the following errors are observed:


[Screenshot: error_message.png]

Checking the SSL VPN configuration shows that the option 'source-interface' is set under the authentication rule in the SSL VPN settings:
 

config vpn ssl settings
    set servercert "FCIC"
    set tunnel-ip-pools "SSL-VPN-Pool"
    set source-interface "port1"
    set source-address "all"
    set source-address6 "all"
    set default-portal "tunnel-access"
    config authentication-rule
        edit 1
            set source-interface "port2"
            set source-address "all"
            set groups "IFRS17-Grp"
            set portal "tunnel-access"
        next
    end
end
 

When this option is set in an authentication rule, it overrides the global setting, so port1 never listens for connections; only port2 does. Unset this option in the authentication rule to allow port1 to listen and establish a new connection.
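An offline check for the condition described above, as an added example that is not part of the original article or Fortinet tooling: it parses the text of 'config vpn ssl settings' and reports global 'source-interface' entries that no authentication rule lists, which per the article will not listen. The function name and the sample text are constructed for illustration.

```python
import shlex

# Constructed sample mirroring the configuration shown in the article.
SAMPLE = '''
config vpn ssl settings
    set servercert "FCIC"
    set source-interface "port1"
    set default-portal "tunnel-access"
    config authentication-rule
        edit 1
            set source-interface "port2"
            set groups "IFRS17-Grp"
            set portal "tunnel-access"
        next
    end
end
'''

def audit_source_interface(config_text):
    """Return (global_ifaces, {rule_id: ifaces}, shadowed_global_ifaces)."""
    global_ifaces, rules = [], {}
    stack, rule_id = [], None            # nested 'config' blocks, current 'edit' id
    for raw in config_text.splitlines():
        tok = shlex.split(raw)           # strips the quotes around values
        if not tok:
            continue
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            stack.pop()
        elif tok[0] == "edit" and len(tok) > 1:
            rule_id = tok[1]
        elif tok[0] == "next":
            rule_id = None
        elif tok[:2] == ["set", "source-interface"]:
            if stack == ["vpn ssl settings"]:
                global_ifaces = tok[2:]
            elif stack == ["vpn ssl settings", "authentication-rule"] and rule_id:
                rules[rule_id] = tok[2:]
    # Per the article: once a rule sets source-interface, only the rule's
    # interfaces listen, so global interfaces missing from every rule are shadowed.
    overriding = {i for ifaces in rules.values() for i in ifaces}
    shadowed = [i for i in global_ifaces if rules and i not in overriding]
    return global_ifaces, rules, shadowed

if __name__ == "__main__":
    print(audit_source_interface(SAMPLE))
```

An empty third element means no global interface is overridden by an authentication rule.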

Related article:
Technical Tip: SSL VPN source-interface setting in authentication rule taking precedence