Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
pegasokra
New Contributor

Created on ‎01-05-2024 10:37 AM

Delay in accessing the network after connecting to SSL VPN + ZTNA

Hello,

 

I'm facing a problem, I have a FortiEMS delivering ZTNA TAGS to my users with FortiClient with telemetry.

 

What happens is that every time users access the SSL VPN they have to wait seconds or minutes to access its resources, it's like there's a delay.

 

Firewall policies have ZTNA tags to allow communication.

 

This is normal? If so, is there a way to bypass this delay somehow, or configure it so it doesn't occur?

10.0.0.0.1 192.168.1.254
10.0.0.0.1 192.168.1.254
Labels:
1330
0 Kudos
4 REPLIES 4
AEK
SuperUser
SuperUser

Created on ‎01-05-2024 10:51 AM

Hello

Try check in firewalls traffic log why the packets are blocked during the first minutes.

AEK
AEK
1310
0 Kudos
msolanki
Staff
Staff

Created on ‎01-06-2024 05:55 AM

IS the resources access via https proxy ? if its simple sslvpn then you can enable DTLS on FCT and SSL VPN setting on FortiGate also check the MTU size in policy

1277
0 Kudos
mpeddalla
Staff
Staff

Created on ‎01-06-2024 08:40 AM

Hello @pegasokra  ,

 

Thank you for contacting the Fortinet Forum portal.

 

-I would recommend verifying if the firewall policy is flow-based or proxy-based along with any inspections enabled on the firewall policy.

-Does it affect all users or specific user?

-Is there any particular time in the day or week they reported or all the time?

-Can you confirm the firmware version of fortiEMS and Forticlient you are using along with FortiGate?

-Please make sure DTLS is enabled on Forticlient along with Fortigate

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Using-DTLS-to-improve-SSL-VPN-performance/...

-Have you done any recent upgrades or changes on configurations?

 

Best regards,

Manasa.

 

If you feel the above steps helped to resolve the issue mark the reply as solved so that other customers can get it easily while searching on similar scenarios.

Manasa
1259
0 Kudos
marcelolapolla
New Contributor

Created on ‎05-15-2024 10:15 AM

Hello,

 

I had the same problem on 2 new computers installed on our network. Both DELL and when removing the Dell Optimizer software the VPN connections normalized access.

 

 

834
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.