Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
caunon
Staff
Staff

Created on ‎08-01-2025 08:19 AM

Article Id 404268

Troubleshooting Tip: The sslvpnd daemon crashed, causing the SSL VPN connection to drop after enabling dual-stack-mode in the SSL VPN settings

Description

This article describes how to handle a situation where the sslvpnd daemon with FortiGate firmware v7.0.8 build0418 crashes. It causes the SSL VPN connection to drop after enabling dual-stack-mode feature in the SSL VPN settings.
Scope

FortiGate v7.0.8.
Solution
  1. When configuring addrgrp6 in srcaddr6 settings under the firewall policy at FortiGate unit, and with the dual-stack-mode feature enabled in SSL VPN settings, the sslvpnd daemon will crash and the SSL VPN connection will come down.

config firewall addrgrp6

    edit "all_sslvpn_ipv6"

        set member "sslvpn_users_ipv6" "sslvpn_users2_ipv6"

    next

end

 

config firewall policy

    edit <Policy ID>

        set srcintf "port1"

        set dstintf "port2"

        set action accept

        set srcaddr "all_sslvpn"

        set dstaddr "10.154.0.1"

        set srcaddr6 "all_sslvpn_ipv6"

        set dstaddr6 "false_ipv6"

        set schedule "always"

        set service "ALL"

        set groups "vpn_users_group"

    next

end

 

config vpn ssl settings

    set dual-stack-mode enable

end

 

  1. Run the following CLI command to see the following logs:

 

diagnose debug crashlog read

 

51367: 2025-07-15 15:24:45 <01504> firmware FortiGate-101F v7.0.8,build0418b0418,221012 (GA.F) (Release)

51368: 2025-07-15 15:24:45 <01504> application sslvpnd

51369: 2025-07-15 15:24:45 <01504> *** signal 11 (Segmentation fault) received ***

51370: 2025-07-15 15:24:45 <01504> Register dump:

51371: 2025-07-15 15:24:45 <01504> R0: 0000000004b0a3e8   R1: 0000000000000001   R2: 00000000043d4750

51372: 2025-07-15 15:24:45 <01504> R3: 000000000274b328   R4: 0000000000000000   R5: 00000000000000ca

51373: 2025-07-15 15:24:45 <01504> R6: 0000000000000180   R7: fefefeff736e6e71   XR: 7f7f7f7f7f7f7f7f

51374: 2025-07-15 15:24:45 <01504> R9: 0000000000000036   R10: 0101010101010101   R11: 0000000000000020

51375: 2025-07-15 15:24:45 <01504> R12: 0000000000000000   R13: 0000000000000000   R14: 0000000000000002

51376: 2025-07-15 15:24:45 <01504> R15: 0000000000000000   IP0: 00000000043d8a38   IP1: 0000007f85006740

51377: 2025-07-15 15:24:45 <01504> PR: 0000000000000000   R19: 00000000092f0ff0   R20: 00000000043d7000

51378: 2025-07-15 15:24:45 <01504> R21: 0000000000000065   R22: 00000000092f0ff0   R23: 0000000000000003

51379: 2025-07-15 15:24:45 <01504> R24: fffffffffffffec0   R25: 0000000000000000   R26: 0000007f837905dc

51380: 2025-07-15 15:24:45 <01504> R27: fffffffffffffec0   R28: 000000001bf9d120   FP: 0000007fd8579120

51381: 2025-07-15 15:24:45 <01504> fault_address: 0000007fd8578fe0   sp: 0000007fd8579120

51382: 2025-07-15 15:24:45 <01504> pc: 000000000274b328   lr: 00000000020b428c

51383: 2025-07-15 15:24:45 pstate: 80000000 (Nzcv daif -PAN -UAO)

51384: 2025-07-15 15:24:45 backtrace too deep

51385: 2025-07-15 15:24:45 <01504> Backtrace:

51386: 2025-07-15 15:24:45 <01504> [0x0274b328] => /bin/sslvpnd 

51387: 2025-07-15 15:24:45 <01504> [0x020b428c] => /bin/sslvpnd 

51388: 2025-07-15 15:24:45 <01504> [0x020b468c] => /bin/sslvpnd 

51389: 2025-07-15 15:24:45 <01504> [0x020b47fc] => /bin/sslvpnd 

51390: 2025-07-15 15:24:45 <01504> [0x020b0100] => /bin/sslvpnd 

51391: 2025-07-15 15:24:45 <01504> [0x020b03dc] => /bin/sslvpnd 

51392: 2025-07-15 15:24:45 <01504> [0x020b22f0] => /bin/sslvpnd 

51393: 2025-07-15 15:24:45 <01504> [0x020ab0e8] => /bin/sslvpnd 

51394: 2025-07-15 15:24:45 <01504> [0x0204fdb8] => /bin/sslvpnd 

51395: 2025-07-15 15:24:45 <01504> [0x0204dc10] => /bin/sslvpnd 

51396: 2025-07-15 15:24:45 <01504> [0x0204e178] => /bin/sslvpnd 

51397: 2025-07-15 15:24:45 <01504> [0x020b2698] => /bin/sslvpnd 

51398: 2025-07-15 15:24:45 <01504> [0x020ab0e8] => /bin/sslvpnd 

51399: 2025-07-15 15:24:45 <01504> [0x020bacd0] => /bin/sslvpnd 

51400: 2025-07-15 15:24:45 <01504> [0x020bb234] => /bin/sslvpnd 

51401: 2025-07-15 15:24:45 <01504> [0x020b265c] => /bin/sslvpnd 

51402: 2025-07-15 15:24:45 <01504> [0x020ab0e8] => /bin/sslvpnd 

51403: 2025-07-15 15:24:45 <01504> [0x016d3b2c] => /bin/sslvpnd 

51404: 2025-07-15 15:24:45 <01504> [0x016d3b6c] => /bin/sslvpnd 

51405: 2025-07-15 15:24:45 <01504> [0x016d3b6c] => /bin/sslvpnd 

51406: 2025-07-15 15:24:45 <01504> [0x016d3b6c] => /bin/sslvpnd 

51407: 2025-07-15 15:24:45 <01504> [0x016d3b6c] => /bin/sslvpnd 

...

51638: 2025-07-15 15:24:45 <01504> [0x016d3b6c] => /bin/sslvpnd 

51639: 2023-02-16 15:26:12 <01504> fortidev 6.0.1.0005

 

To fix:

 

  1. For a workaround with a temporary fix:

 

Disable the dual-stack-mode feature in SSL VPN settings.

 

config vpn ssl settings

    set dual-stack-mode disable

end

 

  1. For a permanent fix:

 

It is necessary to upgrade FortiGate firmware version to be v7.2.11, v7.4.0, and above.
281
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.