- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SSL VPN
configuring ssl vpn on firewall but after finishing, i cannot connect from outside to the internal network using Forti client vpn
- Labels:
-
FortiGate
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @HossTosson ,
What kind of error are you getting? Can you share your configuration with us?
Also, can you run the following commands while trying to connect to SSL-VPN and share the output with us?
diagnose debug application sslvpn -1
diagnose debug enable
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
you want me to run the above commands in fortigate firewall terminal, right?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Correct, this would be the icon in the top right of your screen that looks like this: >_
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @HossTosson ,
Yes you are right.
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @HossTosson,
Please review https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Possible-reasons-for-FortiClient-SSL...as this document will provide you with a quick overview of the percentage at which your connection is being terminated.
Thanks,
Ronak Patel
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the percentage i reach while tryin to connect is 10%
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @HossTosson,
You have a public IP address defined on the FortiGate that can be accessed from all over the world, right?
Or is there a device such as a router/modem in front of the FortiGate?
NSE 4-5-6-7 OT Sec - ENT FW
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @HossTosson ,
Thanks for confirming that you have another router in front of your fortigate.
Below article describes detailed steps on what you should perform next as troubleshooting steps:
You can refer below article as a reference on how to configure port forwarding on your ISP router so that your SSL VPN traffic is forwarded correctly from ISP router to Fortigate:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-behind-NAT/ta-p/272076
Cheers,
Ankit
If you have found a solution, please like and accept it to make it easily accessible to others.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
no. i have a router in front of fortigate.