User10
New Contributor

Fortigate 200E issue with the VPN

Hello,

I use two FortiGate 200E units, and I have an issue with the VPN.

I'm on the IT team,

I can connect to the site with the VPN client (FortiClient 7.0.3.0193), but I can only reach the files on our file server.

No ping works through the VPN, nor RDP or anything else, except the files on the file server.

I have administrator access on the VPN and I allow everything, but it isn't working.

Here is the configuration of the vpn.

I made a user group "G-SSL-ADMIN" with the allowed users.

Screen 1

GSSL Admin.JPG

On SSL-VPN Portals I made a full-access group.

Screen 2

SSL VPN Portals.JPG

SSL-VPN Personal Bookmarks.

 

VPN SSL Bookmark.JPG

 

Does anyone have an idea?

 

11 REPLIES
GauravPandya
New Contributor III

Can you please share a screenshot of the SSL VPN settings and the configured policy?

User10

VPN SSL Setting 1.JPG

VPN SSL Setting 2.JPG

  

GauravPandya
New Contributor III

Please share a screenshot of the configured policy. I just want to verify whether the destination and services are allowed in the policy or not.

User10
New Contributor

3.JPG

 

User10
New Contributor

Where is the configured policy?

 

GauravPandya
New Contributor III

Please make sure all required services, like ICMP, are present in the policy. Check the logs for the destinations you are not able to access. Run debug flow to troubleshoot the issue; it will give you the reason for the drop. Hope this will help.

Debug-flow.PNG 
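The debug flow run suggested in the reply above, written out as an added example (it is not part of the original post and does not reproduce the lost screenshot). `<client-tunnel-ip>` is a placeholder for the address the SSL VPN client received; lines starting with `#` are annotations, not commands to type.

```fortios
# Start from a clean state so earlier filters do not hide the traffic.
diagnose debug reset
diagnose debug flow filter clear

# Trace only ICMP (protocol 1) to or from the VPN client.
diagnose debug flow filter addr <client-tunnel-ip>
diagnose debug flow filter proto 1

# Show which kernel function handled each packet, then capture 20 packets.
diagnose debug flow show function-name enable
diagnose debug console timestamp enable
diagnose debug flow trace start 20
diagnose debug enable

# ... ping the unreachable host from the VPN client now ...

# Stop tracing and turn debug output off when finished.
diagnose debug flow trace stop
diagnose debug disable
diagnose debug reset
```

In the trace, a line such as "Denied by forward policy check (policy 0)" means no firewall policy matched the packet and the implicit deny dropped it, which points at the source, destination or service fields of the SSL VPN policy.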

Sheikh
Staff

Hello @User10 

You can enable the following debug logs and test again.

 

diagnose debug disable

diagnose debug reset
diagnose debug cons time enable

diag vpn ssl debug-filter src-addr4 x.x.x.x (Replace x.x.x.x with the IP address of the PC connected to the SSL VPN)
diagnose debug app sslvpn -1

diagnose debug enable

 

***********reproduce the issue**********

 

regards,

 

Sheikh

**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**
User10
New Contributor

Hello,

Thanks for the reply.

I'm logged in on the firewall CLI console; there is no SSH or Telnet enabled.

 

When I type: diagnose debug disable

Command.JPG

 

User10
New Contributor

I can't run any diagnostics, because the commands are not working:

 

diagnose debug disable

diagnose debug reset
diagnose debug cons time enable

diag vpn ssl debug-filter src-addr4 x.x.x.x (Replace x.x.x.x with the IP address of the PC connected to the SSL VPN)
diagnose debug app sslvpn -1

diagnose debug enable

 

Does anyone have an idea?
