FortiSASE
ihaidar
Staff
Article Id 294039
Description This article describes the reason why SSL VPN could terminate at 40% when connecting to FortiSASE.
Scope FortiSASE, SSL VPN.
Solution

When the SSL VPN connection stalls at 40% and fails to connect with either a SAML user or a FortiSASE local user, the cause could be an expired certificate on FortiSASE. Open a ticket with Fortinet technical support if facing such an issue.

Verify this with the steps below to make sure the problem is not related to another issue.

Try to log in as a SAML or local user, as shown in the screenshot below. The following error might appear before the SAML credentials are entered:

Screenshot1.png

After the credentials are entered, the VPN stops at 40% and terminates the connection, as shown below:

SAML Login 40%.png

To rule out a SAML issue, log in to FortiSASE, navigate to VPN user SSO, and start the SAML test. It should report success, as shown below:

SAML Test.png

As a last verification step, navigate to FortiSASE -> Configuration -> VPN user SSO tab, copy the Portal Sign ON URL, and paste it into a browser. The browser will show that the certificate is not trusted, as shown below.

Web error1.png

Web error.png
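
A scripted version of the last verification step, added here as an example (it is not part of the original article or of any Fortinet tooling): it performs a fully verified TLS handshake with the host taken from the Portal Sign ON URL and reports whether the trust failure is specifically an expired certificate. The URL in the usage comment is a constructed placeholder, and the numeric codes are OpenSSL's X509 verification error values.

```python
import socket
import ssl
import sys
import time
from urllib.parse import urlsplit

# OpenSSL X509_V_ERR_* values, exposed as SSLCertVerificationError.verify_code
REASONS = {
    9: "not-yet-valid",       # CERT_NOT_YET_VALID
    10: "expired",            # CERT_HAS_EXPIRED
    18: "self-signed",        # DEPTH_ZERO_SELF_SIGNED_CERT
    19: "self-signed-chain",  # SELF_SIGNED_CERT_IN_CHAIN
    20: "unknown-issuer",     # UNABLE_TO_GET_ISSUER_CERT_LOCALLY
    62: "hostname-mismatch",  # HOSTNAME_MISMATCH
}

def host_port(url):
    """Return (host, port) from the pasted URL; port defaults to 443."""
    parts = urlsplit(url if "://" in url else "https://" + url)
    if not parts.hostname:
        raise ValueError(f"no host in URL: {url!r}")
    return parts.hostname, parts.port or 443

def classify(verify_code):
    """Map an OpenSSL verify code to a short reason string."""
    return REASONS.get(verify_code, f"other({verify_code})")

def days_left(not_after, now):
    """Whole days until a getpeercert() notAfter string; negative if past."""
    return int((ssl.cert_time_to_seconds(not_after) - now) // 86400)

def check(url, timeout=10):
    """Handshake with full verification; return (status, detail)."""
    host, port = host_port(url)
    ctx = ssl.create_default_context()  # system trust store, hostname check on
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                not_after = tls.getpeercert()["notAfter"]
        return "valid", f"{days_left(not_after, time.time())} days left"
    except ssl.SSLCertVerificationError as exc:
        return classify(exc.verify_code), exc.verify_message

if __name__ == "__main__":
    # Usage (constructed placeholder URL): python check_cert.py https://portal.example.invalid/
    print(*check(sys.argv[1]), sep=": ")
```

A result of `expired` matches the cause described in this article; any other reason points to a different trust problem.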
