New Contributor

Fortigate hit RDP connections!


I am trying to access a server from a different place via RDP through the FortiGate, but the connection gets hit by the FW!

I created a policy and allowed all services!

I checked the logs and found that the action is: TCP reset from client!


Any suggestions?


Thank you 


There are frequent use cases where a TCP session created on the firewall has a smaller session TTL than the client PC initiating the TCP session or the target device.

The underlying issue is that when the TCP session expires on the FortiGate, the client PC is not aware of it and might try to reuse the old session, which is still alive on its side.


For the solution, please refer to this article:


Same issue!


Dear MD1,


Thank you for posting to the Fortinet Community Forum.


Problem description:
RDP connection issue


Can you please describe your network topology with the IP scheme?
Also, can you share the policy details with me?
conf firewall policy
edit <policy id>
sh full


Also, please take a sniffer capture during the time of the issue.
diag sniff packet any 'host <rdp srv ip> and tcp port 3389' 6 0 l


Let us know if this helps.


Salon Raj Joshi
New Contributor

3.378281 -> syn 3287819881
3.378370 -> syn 3287819881
3.453500 -> syn 3625348047 ack 3287819882
3.453542 -> syn 3625348047 ack 3287819882
3.456563 -> ack 3625348048
3.456595 -> ack 3625348048
3.773236 -> psh 3287819882 ack 3625348048
3.773273 -> psh 3287819882 ack 3625348048
22.715528 -> rst 3287819928 ack 3625348048
22.715550 -> rst 3287819928 ack 3625348048
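
An added example, not part of any post in this thread: a short Python script that reads the sniffer lines exactly as posted above and derives the handshake state, the bytes the client sent, the server bytes the client acknowledged, and the idle time before the reset. It assumes the first bare SYN is the client's and that a repeated flag/seq/ack triple is the same packet seen on ingress and egress.

```python
import re

# Sniffer lines exactly as posted in the thread (addresses were not in the post).
TRACE = """\
3.378281 -> syn 3287819881
3.378370 -> syn 3287819881
3.453500 -> syn 3625348047 ack 3287819882
3.453542 -> syn 3625348047 ack 3287819882
3.456563 -> ack 3625348048
3.456595 -> ack 3625348048
3.773236 -> psh 3287819882 ack 3625348048
3.773273 -> psh 3287819882 ack 3625348048
22.715528 -> rst 3287819928 ack 3625348048
22.715550 -> rst 3287819928 ack 3625348048
"""

LINE = re.compile(r"(\d+\.\d+) -> (?:(syn|psh|fin|rst) (\d+))? ?(?:ack (\d+))?$")

def parse(trace):
    # Sniffing on 'any' shows a forwarded packet twice (ingress and egress), so a
    # repeated flag/seq/ack triple is treated as one packet (assumption).
    seen, packets = set(), []
    for raw in trace.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        flag = m[2] or "ack"
        seq = int(m[3]) if m[3] else None
        ack = int(m[4]) if m[4] else None
        if (flag, seq, ack) not in seen:
            seen.add((flag, seq, ack))
            packets.append((float(m[1]), flag, seq, ack))
    return packets

def summarize(packets):
    """Derive handshake state, byte counts and idle time before the first RST."""
    client_isn = next(s for _, f, s, a in packets if f == "syn" and a is None)
    server_isn = next(s for _, f, s, a in packets if f == "syn" and a == client_isn + 1)
    rst_i = next(i for i, p in enumerate(packets) if p[1] == "rst")
    rst_t, _, rst_seq, rst_ack = packets[rst_i]
    return {
        "handshake_complete": any(f == "ack" and a == server_isn + 1 for _, f, _, a in packets),
        "client_bytes_sent": rst_seq - (client_isn + 1),   # RST seq = next client byte
        "server_bytes_acked": rst_ack - (server_isn + 1),  # 0 = no server payload seen
        "idle_before_rst": round(rst_t - packets[rst_i - 1][0], 3),
    }

if __name__ == "__main__":
    print(summarize(parse(TRACE)))
```

Compare idle_before_rst with the session TTL that applies to the policy: a gap much shorter than the TTL, with no server bytes acknowledged, is a case the session-expiry explanation earlier in the thread does not cover.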
