FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
calink
Staff
Staff
Article Id 330239
Description

This article describes why there may be blank output when running SSL VPN debug commands. This assumes that traffic is confirmed to be hitting the FortiGate SSLVPN interface in a sniffer debug.

Scope

FortiGate.

Solution

The SSL VPN debug commands provided by TAC will generate output when attempting to connect to the SSL VPN.

 

Basic SSL VPN debugs will be:

 

diag debug disable

diag debug reset

diag debug application sslvpn -1

diag debug enable

 

If there is no output, there must be a filter in place. To clear the filter, run the following command:

 

diag vpn ssl debug-filter clear

 

Attempt to connect to the SSL VPN again. This will generate output that can be shared with TAC.

Contributors