Hi community
we have a FortiGate 200D with ~30 SSL VPN Users. We have a problem that we're unable to find the cause of. All connected users are getting disconnected all at once several times during the day. It's not possible for them to work like this.
I want to upgrade the firmware of our firewall, to see if the problem can be solved by that. In the known issues of the version 6.0.9 it says that it also has the problem with the random disconnects. I want to avoid those problems and have a stable infrastructure, so I'm tempted to try version 6.0.8. In the known issues section of 6.0.8 there's no mention of RDP Problems.
I wanted to ask if those issues are exclusive to 6.0.9 or is version 6.0.8 also affected by them?
Thank you.
Solved! Go to Solution.
Hi,
I got the same problem with RDP in 6.0.8 and 6.0.9. Issue started in 6.0.8.
Fortinet will fix in 6.0.10 or, if you can't wait, you have to call TAC, I got a custom 6.0.9 FortiOS version that fixes this issue. Everything works fine since I upgraded with the custom build.
Regards,
Philippe
Hi,
I got the same problem with RDP in 6.0.8 and 6.0.9. Issue started in 6.0.8.
Fortinet will fix in 6.0.10 or, if you can't wait, you have to call TAC, I got a custom 6.0.9 FortiOS version that fixes this issue. Everything works fine since I upgraded with the custom build.
Regards,
Philippe
pgagne@androide.com wrote:Hi,
I got the same problem with RDP in 6.0.8 and 6.0.9. Issue started in 6.0.8.
Fortinet will fix in 6.0.10 or, if you can't wait, you have to call TAC, I got a custom 6.0.9 FortiOS version that fixes this issue. Everything works fine since I upgraded with the custom build.
Regards,
Philippe
Hi Philippe
thank you for your input. I contacted technical support, and they gave me the special build 6.0.9, where this issue is resolved.
I will update this thread once I've upgraded the firmware and tested it a few days.
Hi guys,
so I wanted to share a little update.
We still had mass disconnects, even after installing the latest upgrade.
We had a remote session with a fortinet engineer. He suggested us to try to connect with our second WAN interface, as our config seemed fine. We tried that and it worked like a charm.
We opened a ticket with our primary ISP, and they told us that they see many drops on the router. They're now checking why this happens.
Maybe this information can help someone, who's facing similar issues.
Just FYI: I've heard from FTNT SE that the current 6.0.10 target release date is in early June.
hmmm...if you read what Bogdan posted today (same problem, remedy) then it might mitigate your situation a bit.
At first I didn't understand how RDP interruptions and missing blackhole routes play together. Now, I think that the RDP problems are caused by some firmware bug (possibly fixed in v6.0.10) but...their effect is more serious if you do not install blackhole routes.
That's because when the session is interrupted (the dialup tunnel is closed) the FGT will send traffic out the WAN interface where the default route points to. Thus, a session is established. When the tunnel comes up again (maybe in a second or so) it cannot reestablish the session because there is already a valid session active for this traffic. Only after a timeout the session can be built up across the tunnel, and the application continues to run. The net effect is that the connection stalls for quite some time.
Do you have SDWAN enabled or multiple ISP's?
if so try this. Seems to have worked for us in similar issues with multiple clients and SSl VPN disconnects
https://vata.com/knowledge-base/stop-fortinet-forticlient-disconnects/
Hi
I got an interim update from support( FGT_100D-v6-build8661-FORTINET.out ) .
I was running 6.0.9 on a 100D cluster
Since update last wednesday, no more disconnection on RDP session
2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.