Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
TraFon
New Contributor

Cant connect via sslvpn through wan1

Hi,

 

Currently i have users who are able to connect using our WAN 2, but I am getting server unreachable via the WAN 1 connection. The configuration stopped working today. In the past the IP pool sessions would be clogged up and I would have to kill those manually and it would fix it. 

 

I can ping both DNS for wan1 and wan2 without any issues. When checking internally, it shows as all traffic is going out via WAN 1.

 

Wan2 is our backup which has lower internet speeds.

 

Thanks,

EF

3 REPLIES 3
jintrah_FTNT
Staff
Staff

Hi EF,

 

Does the route table has active default routes across wan1 as that on wan2? Also, sslvpn settings must have added both the interfaces for listening sslvpn connections.

 

Best regards,

Jin

TraFon

Hi jintrah_FTNT,

 

Under SSL-VPN Settings both (wan1) and (wan2>x_VLAN) are both listening. 

 

Regarding active default routes, when I go to Static Routes, the subnet that my VPN users are obtaining is configured to interface "SSL-VPN tunnel interface (ssl.root)". Which I can see is configured under firewall policies>Incoming interface "SSL-VPN tunnel....". 


EF

jintrah_FTNT

Hi EF,

 

I am checking if we have default routes active in the route table, but not sslvpn subnet pointing to ssl.root. Something like below,

S* 0.0.0.0/0 [10/0] via x.x.x.x, wan1    <<<<---

     0.0.0.0/0 [10/0] via y.y.y.y, wan2    <<<---

 

best regards,

Jin

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors