shibby
New Contributor

SSL-VPN port closed after upgrade

Hi,

We have been using a Fortigate 60E with 5.6.9 for many years. Yesterday we wanted to update it to a higher version. We went as the upgrade path said, first to 5.6.11, then 5.6.13. Up to this moment everything worked correctly (sslvpn too). The next step was 6.0.18. The Fortigate booted up, vlan and other services work, but SSLVPN stopped working - port 443 is closed, clients get an error at 10% - the fortigate gui works on port 10443 so there is no conflict with the sslvpn port. We tried to fix it but without luck, so we decided to upgrade higher to 6.2.16 but the problem is still the same.

1) I tried to change the sslvpn port from 443 to 4433, 44300, etc. No luck

2) when I nmap the external IP, port 443 is closed, but the ipv4 rule is correct

3) telnet to external ip:443 = no connection

4) other services and redirects (to NAS, to CCTV) work

5) no logs about sslvpn (logs-vpn is empty)

 

I have no idea where the problem is and how to fix it.

3 REPLIES
shibby
New Contributor

I've got some updates - there is something strange with the latest versions, because on the latest versions of branches, e.g. 6.0.18, 6.2.15, SSL-VPN is not working. I upgraded to 6.4.0 and VPN works once again. Then I moved to 6.4.14 and vpn is still working. Now I'm flashing 6.4.15, which is the latest version of the 6.4.x branch. If vpn stops working on this version, then I will have confirmation that the bug described there

https://www.fortiguard.com/psirt/FG-IR-24-015

has been fixed in latest version by closing ssl-vpn port!

shibby
New Contributor

ok 6.4.15 and ssl-vpn works. I have no idea why it won't work on 6.0.18 and 6.2.15...

ametkola
Staff

Hi,

 

Can you check and run the debug flow to see why the VPN port is closed?

 

diag deb reset

diag deb flow sh function-name ena

diag deb flow filter dport 443

diag deb flow trace start 100

diag deb ena

 

To stop the debug:

diag deb disable

diag deb flow trace stop

 

Regards,

 
