Hi
I manage a larg group of remote workers and since the adoption of the ipsec from ssl vpn our ticketing system is on fire.
Everyone complains about speed, slow , drops from rdp...etc...
I am using an intermediary fortios 7.4.6 before I go to 7.6.4 but now I'm starting to regret.
Anyone gone thru the same issue ? I have an active ticket with fortinet but wonder if any of you can share a fix if you had same experience.
I haven changed yet the tsp-mss and mtu setting as I am waiting to hear back from fortinet support.
I am using latest version of forticlient not ems ...
Tx
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for someone to help you.
We will come back to you ASAP.
Thanks,
Hi,
To address issues when migrating from SSL VPN to IPsec VPN, consider the following steps:
Port Configuration: Ensure that the auth-ike-saml-port
is not conflicting with the SSL VPN port. If SSL VPN is decommissioned, change its port to avoid conflicts.
IPsec Tunnel Setup: Use the IPsec wizard to configure a new IPsec tunnel. Ensure the interface, pre-shared key, and user group are correctly set.
Custom Tunnel Configuration: Convert the newly created IPsec tunnel to a custom tunnel and verify the parameters in the CLI, such as ike-version
, peertype
, proposal
, and authusrgrp
.
Traffic Routing: If using split tunneling, ensure the remote subnet is included. For full tunnel configurations, no changes are needed in the SSL-VPN portal settings.
Firewall Policies: Ensure existing firewall policies are updated to accommodate the new IPsec tunnel configuration.
Testing and Validation: Test the IPsec VPN connection to ensure it is functioning as expected and troubleshoot any connectivity issues.
If issues persist, review the configuration for any discrepancies and ensure all settings align with the intended network design.
User | Count |
---|---|
2626 | |
1400 | |
810 | |
672 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.