Unable Access SSLVPN After Restore Config on Another Fortigate Model
I have restored config from FGT 301E to FGT 100E, then upgrade version 6.2.9 to 6.4.9, it was successful. However, the SSLVPN is not able to access via FortiClient. After I changed the user password, it will able to connect.
Did anyone face this issue before and having a solution?
Note that by TAC the restore from another model is not supported.
There is different hardware, even there may be a different amount of ports. In your case minimum the 100E lacks a log disk. Searching online, you will find the 300E has much more ports, so many of your ports may have gone missing.
In the worst case such FortiGate will not boot anymore.
in your case, you can run the
diag debug config-error-log read
to show what kind of configuration errors it found on importing and what it dropped.
It is better and safer to factory reset it and copy&paste necessary parts of config from the old to the new device, say SSLVPN settings, user config, LDAP servers etc.
For general debug of SSLVPN this is helpful:
diag debug console timestamp enable
diag debug app fnbamd -1
diag debug app sslvpn -1
diag debug enable
But if the configuration errors are a problem, you should not debug, but fix the configuration.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.