Our SSL VPN has been working without any problems, at the moment we cannot access web portal at all, FortiClinet is not connecting at all as well ( status :10% and error :“Unable to establish the VPN connection. The VPN server may be unreachable.) All fine when connecting with IPsec VPN.
Our Fortigate 200D was updated to 5.2.1, previously was 5.0.9 -> updated to 5.0.10 ->5.2.1. Problem came when we did update from 5.0.10 -> 5.2.1. so we decided to downgrade to 5.0.10 but surprisingly, SSL didn't work on that version as well, so we updated back to 5.2.1. Then the troubleshooting fight begun. What was done so far:
-checked policy on firewall ( was ok when SSL VPN was working) no change was done
-changed ports from 433 to 10443 and others
-firewall reboot : hardware and software reboot
-Logs are showing : action :deny , policy ID: 0 , all ports tested ,
-no change on routing was done
We've tried to update to 5.2.2 but something was wrong with internet traffic, firewall was not allowing traffic for some website , all was fine after downgrading to 5.2.1