Hello,
I'm facing a problem, I have a FortiEMS delivering ZTNA TAGS to my users with FortiClient with telemetry.
What happens is that every time users access the SSL VPN they have to wait seconds or minutes to access its resources, it's like there's a delay.
Firewall policies have ZTNA tags to allow communication.
This is normal? If so, is there a way to bypass this delay somehow, or configure it so it doesn't occur?
Hello
Try check in firewalls traffic log why the packets are blocked during the first minutes.
IS the resources access via https proxy ? if its simple sslvpn then you can enable DTLS on FCT and SSL VPN setting on FortiGate also check the MTU size in policy
Hello @pegasokra ,
Thank you for contacting the Fortinet Forum portal.
-I would recommend verifying if the firewall policy is flow-based or proxy-based along with any inspections enabled on the firewall policy.
-Does it affect all users or specific user?
-Is there any particular time in the day or week they reported or all the time?
-Can you confirm the firmware version of fortiEMS and Forticlient you are using along with FortiGate?
-Please make sure DTLS is enabled on Forticlient along with Fortigate
-Have you done any recent upgrades or changes on configurations?
Best regards,
Manasa.
If you feel the above steps helped to resolve the issue mark the reply as solved so that other customers can get it easily while searching on similar scenarios.
Hello,
I had the same problem on 2 new computers installed on our network. Both DELL and when removing the Dell Optimizer software the VPN connections normalized access.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.