O'Reilly logo

Getting Started with FortiGate by Fabrizio Volpe, Rosato Fabbri

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Troubleshooting VPN

With the tools we have explained, we are able to troubleshoot VPN connections. We can start with SSL VPN debugging and follow the steps suggested in the Debugging FortiGate configurations document (http://docs.fortinet.com/cb/html/index.html#page/FOS_Cookbook/Install_advanced/cb_ts_debug.html). The steps are as follows:

  1. Verify the current debug configuration with the diagnose debug info command.
  2. Display debug messages for SSL VPN using the diagnose debug application sslvpn -1 command.
  3. Use diagnose debug enable to display debug messages.

Any error will be shown on screen. To debug an IPSEC site-to-site VPN connection, a good list of steps is the one posted by Yuri Slobodyanyuk in his blog: http://bit.ly/hzREm1. The steps are as ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required