Troubleshooting VPN
With the tools we have explained, we are able to troubleshoot VPN connections. We can start with SSL VPN debugging and follow the steps suggested in the Debugging FortiGate configurations document (http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_ts_debug.html). The steps are as follows:
- Verify the current debug configuration with the
diagnose debug info
command. - Display debug messages for SSL VPN using the
diagnose debug application sslvpn -1
command. - Use
diagnose debug enable
to display debug messages.
Any error will be shown on screen. To debug an IPSEC site-to-site VPN connection, a good list of steps is the one posted by Yuri Slobodyanyuk in his blog: http://bit.ly/hzREm1. The steps are as ...
Get Getting Started with FortiGate now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.