SSL-VPN connection on another device blocked after updating Fortigate 300E from 6.4.8 to 7.0.10 Communication is http communication due to the specifications of the device Are there any restrictions related to http communication around here due to the update?
As I understand that post upgrading to 7.0.10, SSL VPN connection is blocked? Please correct me if I am mistaken, SSL connection is already established but the only issue you are facing is in accessing HTTP services?
Can you take the debug on the FortiGate and test the connection, It will give us a clarity where it is failing
diagnose debug disable diagnose debug reset diagnose debug console timestamp enable diagnose debug application sslvpn -1 diagnose debug application fnbamd -1 diagnose vpn ssl debug-filter src-addr4 x.x.x.x <--- in place of x.x.x.x use Public IP address of the client's PC diagnose debug enable
http communication from the destination website seems to be blocked Therefore, I was able to connect after allowing communication from the website(srcaddr) and communication to the SSL-VPN device(dstaddr). I think a specific setting is blocking Considering that I was able to connect before the version upgrade(6.4.8), I think that a specific setting is the cause of the block.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.