Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
BigJay2100
New Contributor

Web VPN - RDP Connection Closed

I have web VPN setup for outside access.  As far as I know, this has been working just fine as it is used for some contractors.  All of a sudden, in attempting to use a bookmarked RDP session to one of our servers, we are seeing Connection Closed as soon as we log in.  I can confirm this is the case with my user account along with our outside contractor's user accounts and this is happening on any server we try to connect to.  These RDP sessions would be to Windows Server 2016 and 2019 OS's from Windows 10/11 OS's using Edge Chromium, Google Chrome, and Firefox.  

Any ideas why this would stop working?  Fortigate 200E device.  

Thanks.

2 REPLIES 2
abelio
Valued Contributor

Hi,
play a bit with different options for the security encryption

regards


__ Abel

sferoz

Good Day,

 

Thank you for using the Community Forum. 

 

Can you confirm the following:

 

FGT firmware version?

Was it working before or is it a new configuration?

Does it affect all users using WEB MODE?

Have you tried tunnel mode and tested the same?

Do you see any high CPU or memory on FGT during the event of disconnect
Client computer OS and Browser version, have you tried with different OS and Browser? 

 

Default session ttl is 3600 seconds, it can be changed for global, per port and per policy:

Per port:

# config system session-ttl
# config port
edit 1
set protocol 6
set timeout 3600
set start-port 3389
set end-port 3389
end

config firewall policy
edit <ID>
set session-ttl <Value in seconds>
end

This device is not designed to allow, but can allow constant connections as it could use up all the memory and push the device into conserve mode. To start troubleshooting its best to determine which policy is being used using the debug flow command, then look into changing the ttl, either using port or policy if the policy is very specific. If the policy is not very specific (Allows all traffic) it can use all the memory and cause other issues. If the issue still occurs after changing the TTL then I would run a Wireshark capture on the host and/or FortiGate in question.


Thanks,
Feroz