- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Fortigate SSL VPN disconnects between 2-5 minutes ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Fortigate SSL VPN disconnects between 2-5 minutes suddenly
Dear all,
Im using fortigate 60E with 5.6 firmware. All users can work only for few minutes & the VPN suddenly gets disconnected. No error comes in. I have installed forticlient 5.6 aas well, but it also give same results
Solved! Go to Solution.
Labels:
- Labels:
-
5.6
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Sorry for the delay, i was *way* busy 
I had a similar problem with SD-WAN where i work: replies from the ssl vpn were load balanced among our links, i observed traffic going out to wan2 with wan1's IP.
It was solved with this:
config vpn ssl settings
set route-source-interface enable
end
- « Previous
-
- 1
- 2
- Next »
17 REPLIES 17
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI,
Normally if you have More than one Wan link ..Below command will help you to solve disconnection issue .
set route-source-interface .
Just check if you have already run this command .
Regds,
Ashik
Ashu
Ashu
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Yes I did. Does not work
Also this command below
set source-interface "ISP" where ISP is the desired link.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Try this
Tunnel-mode connection shuts down after a few seconds
This issue can occur when there are multiple interfaces connected to the Internet (for example, SD-WAN). This can cause the session to become “dirty.” To fix this, you must allow multiple interfaces to connect without issue.
If you are using a FortiOS 6.0.1 or later, use the following CLI command:
config system interface
edit <name>
set preserve-session-route enable
next
end
If you are using a FortiOS 6.0.0 or earlier, use the following CLI command:
config vpn ssl settings
set route-source-interface enable
end
Regds,
Ashik
Ashu
Ashu
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ashik, I'm facing the same problem and trying to execute the CLI commands you posted. (V6.0.2)
I have 3 WAN connections, the SSL VPN is listening on WAN 1 named "TRUE" these are interfaces under the SD-WAN interface.
config system interface
edit <name> // I've tried edit "sdwan", edit "sd-wan", edit "true" & edit "root"
set preserve-session-route enable
next // I get the error after this
end
I receive the error:
Attribute 'vdom' MUST be set.
Command fail. Return code 1
I assume I'm not entering the correct <name> but I'm not sure what it should be.
Can you shed some light on this for me please?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
Any VDOM is configured in your firewall .In that case you should run this command on respective vdom.
Config Vdom
edit <vdom name>
Then try those commands .
Ashu
Ashu
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks Ashu,
That has fixed the issue.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Guys,
faced the same issue first on 5.6.6 and could fix it with
config vpn ssl settings set route-source-interface enable end 2 Days ago we upgraded to 6.0.3 and had the issue straight away. i applied this config system interface edit <name> set preserve-session-route enable next end But it didnt realy fixed the issue. now we have Random Disconnects i a range sometimes 3 - 6 Minutes, sometimes 10 -15 and sometimes even after 20 Minutes. All users that are currently connected will be disconnected at once. Dont know what to do as we rely on a stable connection for SSL VPN TUnnels. Any Ideas? Thank youNSE 8
NSE 1 - 7
NSE 8
NSE 1 - 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the help
now it is linked without any disconnection
- « Previous
-
- 1
- 2
- Next »
Related Posts
- Problem with FSSO removing users from... 218 Views
- Not showing intrusion prevention in FortiGate... 116 Views
- Fortigate 200E HIGH CPU USAGE -... 130 Views
- Users blocked from M365 services 164 Views
- Android phone forticlient vpn issue 560 Views
Labels
-
FortiGate
6,457 -
FortiClient
1,290 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
411 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
68 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
BGP
11 -
DNS
11 -
Interface
11 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.