With the tools we have explained, we are able to troubleshoot VPN connections. We can start with SSL VPN debugging and follow the steps suggested in the Debugging FortiGate configurations document (http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_ts_debug.html). The steps are as follows:
diagnose debug infocommand.
diagnose debug application sslvpn -1command.
diagnose debug enableto display debug messages.
Any error will be shown on screen. To debug an IPSEC site-to-site VPN connection, a good list of steps is the one posted by Yuri Slobodyanyuk in his blog: http://bit.ly/hzREm1. The steps are as ...