Troubleshooting VPN

With the tools we have explained, we are able to troubleshoot VPN connections. We can start with SSL VPN debugging and follow the steps suggested in the Debugging FortiGate configurations document (http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_ts_debug.html). The steps are as follows:

Verify the current debug configuration with the diagnose debug info command.
Display debug messages for SSL VPN using the diagnose debug application sslvpn -1 command.
Use diagnose debug enable to display debug messages.

Any error will be shown on screen. To debug an IPSEC site-to-site VPN connection, a good list of steps is the one posted by Yuri Slobodyanyuk in his blog: http://bit.ly/hzREm1. The steps are as ...

Get Getting Started with FortiGate now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Getting Started with FortiGate by Rosato Fabbri, Fabrizio Volpe

Troubleshooting VPN

Don’t leave empty-handed

It’s yours, free.

Check it out now on O’Reilly