- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: FortiClient SSL VPN Disconnecting continously
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
FortiClient SSL VPN Disconnecting continously
Hi,
We are using FortiGate firerwall(v7.2.5 build1517) and the FortiClient SSL VPN(v7.0.70345) on all our laptops, the problem is that the FortiClient VPN keeps on disconnecting even though the internet connection is available on the laptops. This is happening intermediately.
Can you please advise what could be the cause of this issue?
Thank you in advance
Kind Regards,
Abel
Solved! Go to Solution.
Labels:
- Labels:
-
FortiGate
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello jsanjay ,
Please check the connectivity of Remote gateway .
In our case there was a packet drop in the Remote gateway server ip add .
17 REPLIES 17
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello Abel,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Anthony-Fortinet Community Team.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi there,
Can you link this issue to any change in your environment?
Have you tested other devices/FortiClient versions?
Is it possible for an effected user to use for a while web ssl portal instead of FCT tunnel mode?
That should help to identify if the issue is on firewall or client side.
https://docs.fortinet.com/document/fortigate/6.4.13/administration-guide/100733/ssl-vpn-web-mode
Did sslvpnd crash when the user reported the issue, are there other services crashing?
diag debug crashlog read
How's cpu/mem usage looking?
dia sys top
Check cpu/mem graphs, any spikes when the issue is reported?
Please follow the steps in this doc.
If no joy with these steps and web ssl portal cannot be used, or it has the same issues as FortiClient I can only think of running this debug on the firewall for longer and hope to capture the issue.
Identify a user, get the public IP address and filter for it in the debug.
Record the output to a file.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-create-a-log-file-of-a-session-usin...
Check what is the impact on the CPU/mem before leaving it on for a long time.
diagnose sniffer packet wan1 "host 1.1.1.1 and icmp" - this should keep putty/ssh sessions alive, that's the only reason is there.
If you manage to capture the issue, submit the debug to Technical Support along with a firewall config backup and tac report.
diagnose debug reset
di de duration 0
diagnose debug cons time en
diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
dia vpn ssl debug-filter src-addr4 <CLIENTPUBLICIP>
diagnose debug enable
diagnose sniffer packet wan1 "host 1.1.1.1 and icmp"
to disable, "di de di"
I hope this helps.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are facing same problem as mentioned by the USER :- ABEL .
We are using FortiGate firerwall(v7.2.5 build1517) and the FortiClient SSL VPN(v7.0.70345)
We have troubleshoot the all the possible measures suggested by " cchiriches" and " ndumaj " but couldnot succeed .
Please help us in solving the issue as soon as possible.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Gauravb,
We will have to take the sslvpn debug and enable debug in the forticlient to analyze further.
https://community.fortinet.com/t5/FortiClient/Technical-Tip-How-to-enable-debug-log-in-FortiClient/t...
Regards,
Vimala
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Beside all the debugs presented above.
Also do a quick check of the idle timeout value under "config vpn ssl settings"
Default value is 300 sec:
https://docs.fortinet.com/document/fortigate/7.2.5/cli-reference/364620/config-vpn-ssl-settings
BR
- Happy to help, hit like and accept the solution -
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
In addition to existing information, I have some follow-up questions;
- Enable DTLS on all user's FortiClients. [Recommendation]
- Have you verified if the issue is happening to just WiFi users but Ethernet-connected users?
- Have you also checked if the users having this problem are connected via the same ISP?
- Have you considered upgrading the FortiGate to the latest available patch in that branch?
Jay Patel
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I've been experiencing an problem with my FortiGate firewall (running v6.4.3) and FortiClient VPN (v6.4.0). The issue is that my VPN connection keeps dropping intermittently, despite having a stable internet connection on my devices. It's quite frustrating as it disrupts my work and remote access. I've checked my network stability, reviewed firewall settings, and ensured my VPN configuration is accurate.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We're encountering persistent disconnections with Forti Client SSL VPN (v7.0.70345) while maintaining an active internet connection on laptops. Despite internet availability, intermittent disruptions continue to arise. Our infrastructure, running FortiGate firewall (v7.2.5 build1517), is affected by this issue, requiring a solution to ensure stable VPN connectivity.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
What is the OS of FortiClient machine? Is it Window 11? Have you tried with Wifi and Ethernet?
Related Posts
- SSL VPN on LTE Disconnecting Frequently 188 Views
- FortiClient - irregular disconnect for no... 183 Views
- FortiClient VPN Connect/Immediate Disconnect 700 Views
- FortiClient VPN - Error 6005 10282 Views
- DNS Issue Forticlient Windows 10 419 Views
Labels
-
FortiGate
6,562 -
FortiClient
1,308 -
5.2
801 -
5.4
639 -
FortiManager
566 -
6.0
416 -
FortiAnalyzer
415 -
5.6
362 -
FortiSwitch
336 -
FortiAP
336 -
FortiClient EMS
267 -
6.2
251 -
FortiMail
243 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
151 -
6.4
128 -
FortiNAC
107 -
FortiGuard
102 -
FortiSIEM
89 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
71 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
61 -
Wireless Controller
58 -
FortiProxy
45 -
FortiADC
43 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
32 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
SD-WAN
25 -
Firewall policy
24 -
FortiConnect
24 -
FortiWAN
22 -
VLAN
21 -
FortiConverter
21 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiAuthenticator
15 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
FortiGate v5.0
12 -
Routing
12 -
Interface
12 -
FortiCASB
12 -
Logging
11 -
LDAP
10 -
Virtual IP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
SSL SSH inspection
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
IP address management - IPAM
7 -
4.0
7 -
Security profile
6 -
Authentication
6 -
FortiBridge
6 -
Fortigate Cloud
6 -
Traffic shaping policy
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
Proxy policy
4 -
packet capture
4 -
WAN optimization
4 -
Web application firewall profile
4 -
Automation
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
Port policy
4 -
FortiScan
4 -
IPS signature
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Web profile
3 -
DoS policy
3 -
Intrusion prevention
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
Fortinet Engage Partner Program
2 -
4.0MR1
1 -
TACACS
1 -
Users
1 -
Schedule
1 -
SDN connector
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Web rating
1 -
FortiManager-VM
1 -
Email filter profile
1 -
Multicast routing
1 -
Internet Service Database
1 -
Zone
1 -
Explicit proxy
1 -
Protocol option
1 -
System settings
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.