Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chinlong
New Contributor

Unable Access SSLVPN After Restore Config on Another Fortigate Model

Hi Everyone,

 

I have restored config from FGT 301E to FGT 100E, then upgrade version 6.2.9 to 6.4.9, it was successful. However, the SSLVPN is not able to access via FortiClient. After I changed the user password, it will able to connect.

 

Did anyone face this issue before and having a solution?

 

Thank you.

1 REPLY 1
Markus_M
Staff
Staff

Hello Chinlong,

 

Note that by TAC the restore from another model is not supported.

There is different hardware, even there may be a different amount of ports. In your case minimum the 100E lacks a log disk. Searching online, you will find the 300E has much more ports, so many of your ports may have gone missing.

 

In the worst case such FortiGate will not boot anymore.

in your case, you can run the

diag debug config-error-log read

to show what kind of configuration errors it found on importing and what it dropped.

It is better and safer to factory reset it and copy&paste necessary parts of config from the old to the new device, say SSLVPN settings, user config, LDAP servers etc.

 

For general debug of SSLVPN this is helpful:

diag debug console timestamp enable

diag debug app fnbamd -1

diag debug app sslvpn -1

diag debug enable

 

But if the configuration errors are a problem, you should not debug, but fix the configuration.

 

Best regards,

 

Markus

 

Labels
Top Kudoed Authors