No response from SSL VPN URL | Check SSL VPN port assignment (default 10443). Verify the SSL VPN security policy. |
Error: “The web page cannot be found.” | Check URL: https://<FortiGate_IP>:<SSLVPN_port>/remote/login |
Tunnel connects, but there is no communication. | Check that there is a static route to direct packets destined for the tunnel users to the SSL VPN interface. See “Routing for tunnel mode”. |
Tunnel-mode connection shuts down after a few seconds | This issue occurs when there are multiple interfaces connected to the Internet, for example, a dual WAN configuration. Upgrade to the latest firmware then use the following CLI command: config vpn ssl settings set route-source-interface enable end |
Error: “Destination address of Split Tunneling policy is invalid.” | The SSL VPN security policy uses the ALL address as its destination. Specify the address of the protected network instead. |
When trying to connect using FortiClient the error message “Unable to logon to the server. Your user name or password may not be configured properly for this connection. (-12)” appears. When trying to login to the web portal, login and password are entered and login page will be sent back. | Cookies must be enabled for SSL VPN to function in Web portal or with FortiClient. Access to the web portal or tunnel will fail if Internet Explorer has the privacy Internet Options set to High. If set to High, Internet Explorer will: Block cookies that do not have a compact privacy policy. Block cookies that use personally identifiable information without your explicit consent. |