Hi, guys, It has been frustrated about this configuration; the sslvpn
idle-timer is still not working. I configured all related
parameters/attributes as the following weblink:Technical Tip: SSL-VPN
Idle-timeout not working My network configuration as...
Hi, guys, I am using Fortigate 400E with FortiOS v7.0.3; A SDWAN
configuration of 3 internet lines; lines information are the
following:1. line1 = 100.100.100.0/24 ; ( a VIP mapping -
100.100.100.10-NATed-10.16.6.35 )2. line2 = 111.111.111.0/24 ; ( a...
Hi, guys, I am currently using Fortigate 400E with FortiOS v7.0.3, with
the SDWAN configuration of 3 internet lines.I tried to test the
destination IP with traceroute/pingtest as the following test cases:
SDWAN configuration:1. service rule = Maximiz...
Hi, guys, I am using Fortigate 400E with FortiOS v7.0.3, and the SDWAN
SLA performance configuration for the 3-link SDWAN ( SDWAN health-check
) is below: SLA configuration and
verification:-----------------------------------------------------------1...
Hi, guys, I am using Ftg400E HA with FortiOS v7.0.3.Three internet lines
are configured in the Ftg400E and formed into "SDWAN for internet
access"; the SDWAN rule is using "maximize bandwidth mode", so three
lines are sharing the internet traffic loa...
Hi, Toshi,Thanks so much for your prompt response and detailed
explanation.So the Fortigate sslvpn idle-timer starts to count
down/trigger at the condition of absolutely no tunnel traffic. May I
know if anything keeps monitoring the sslvpn tunnel ali...
Hi, Toshi, You are correct, the following udp traffic is captured from
the tunnel IP:02DC_Ftg100E_primary # diag sniffer packet ssl.root 'host
10.212.134.202'4 0 ainterfaces=[any]filters=[host
10.212.134.202]2023-05-25 04:26:23.318327 ssl.root in
10....
Hi, Toshi, Thanks so much for your reply, attached is the my test
result, that may show you a bit clear:1. tunnel IP2. no tunnel traffic
received ( that should be clear enough to verify the sslvpn idle-timer )
Other SSLVPN settings:------------------...
Hi,Haiqal,Noted with thanks; for my test, I just set up the sslvpn
connection ( with no other network traffic test - ping, traceroute,
http.. ), and then waited until sslvpn idle-timer expired.
Hi, guys, I captured some packets as below ( the Fortigate is HA
structure ).1. no udp traffic between the sslvpn client and Fortigate.2.
no any. udp/tcp traffic for tunnel ip = 10.212.200.101 (sslvpn client,
only this ip was assigned)3. only sslvpn ...
