Dear all,
Im using fortigate 60E with 5.6 firmware. All users can work only for few minutes & the VPN suddenly gets disconnected. No error comes in. I have installed forticlient 5.6 aas well, but it also give same results
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Sorry for the delay, i was *way* busy
I had a similar problem with SD-WAN where i work: replies from the ssl vpn were load balanced among our links, i observed traffic going out to wan2 with wan1's IP.
It was solved with this:
config vpn ssl settings
set route-source-interface enable
end
HI,
Normally if you have More than one Wan link ..Below command will help you to solve disconnection issue .
set route-source-interface .
Just check if you have already run this command .
Regds,
Ashik
Yes I did. Does not work
Also this command below
set source-interface "ISP" where ISP is the desired link.
Hi,
Try this
This issue can occur when there are multiple interfaces connected to the Internet (for example, SD-WAN). This can cause the session to become “dirty.” To fix this, you must allow multiple interfaces to connect without issue.
If you are using a FortiOS 6.0.1 or later, use the following CLI command:
config system interface
edit <name>
set preserve-session-route enable
next
end
If you are using a FortiOS 6.0.0 or earlier, use the following CLI command:
config vpn ssl settings
set route-source-interface enable
end
Regds,
Ashik
Ashik, I'm facing the same problem and trying to execute the CLI commands you posted. (V6.0.2)
I have 3 WAN connections, the SSL VPN is listening on WAN 1 named "TRUE" these are interfaces under the SD-WAN interface.
config system interface
edit <name> // I've tried edit "sdwan", edit "sd-wan", edit "true" & edit "root"
set preserve-session-route enable
next // I get the error after this
end
I receive the error:
Attribute 'vdom' MUST be set.
Command fail. Return code 1
I assume I'm not entering the correct <name> but I'm not sure what it should be.
Can you shed some light on this for me please?
Hi
Any VDOM is configured in your firewall .In that case you should run this command on respective vdom.
Config Vdom
edit <vdom name>
Then try those commands .
Thanks Ashu,
That has fixed the issue.
Hello Guys,
faced the same issue first on 5.6.6 and could fix it with
config vpn ssl settings set route-source-interface enable end 2 Days ago we upgraded to 6.0.3 and had the issue straight away. i applied this config system interface edit <name> set preserve-session-route enable next end But it didnt realy fixed the issue. now we have Random Disconnects i a range sometimes 3 - 6 Minutes, sometimes 10 -15 and sometimes even after 20 Minutes. All users that are currently connected will be disconnected at once. Dont know what to do as we rely on a stable connection for SSL VPN TUnnels. Any Ideas? Thank youNSE 8
NSE 1 - 7
Thanks for the help
now it is linked without any disconnection
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
227 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.