This article describes how to troubleshoot the error ‘connection reset while accessing SSL VPN web mode’.
Scope
FortiGate.
Solution
When running an SSL VPN debug, the following errors are observed:
Checking the SSL VPN configuration shows that the option ‘source-interface’ is set under the authentication rule in the SSL VPN settings:

    config vpn ssl settings
        set servercert "FCIC"
        set tunnel-ip-pools "SSL-VPN-Pool"
        set source-interface "port1"
        set source-address "all"
        set source-address6 "all"
        set default-portal "tunnel-access"
        config authentication-rule
            edit 1
                set source-interface "port2"
                set source-address "all"
                set groups "IFRS17-Grp"
                set portal "tunnel-access"
            next
        end
    end
When this option is set, it overrides the global setting and port1 will never listen for connections; only port2 will. Unset this option to allow port1 to listen and establish a new connection.
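To find this condition in a saved configuration, the following added example (not Fortinet code) parses the text of `show vpn ssl settings` and reports each authentication rule whose ‘source-interface’ leaves out a globally configured interface, following the override behaviour described in this article. The function name and the sample configuration are constructed for illustration.

```python
import shlex

# Constructed sample mirroring the configuration shown in this article.
SAMPLE = '''
config vpn ssl settings
    set source-interface "port1"
    config authentication-rule
        edit 1
            set source-interface "port2"
            set groups "IFRS17-Grp"
            set portal "tunnel-access"
        next
        edit 2
            set groups "IFRS17-Grp"
            set portal "tunnel-access"
        next
    end
end
'''

def find_interface_overrides(config_text):
    """Return [(rule_id, rule_interfaces, global_interfaces_not_in_rule)]."""
    stack, rule_id = [], None          # current config nesting and edit entry
    global_ifaces, rules = [], {}
    for raw in config_text.splitlines():
        tok = shlex.split(raw)         # handles quoted, multi-value settings
        if not tok:
            continue
        if tok[0] == "config":
            stack.append(" ".join(tok[1:]))
        elif tok[0] == "end" and stack:
            stack.pop()
        elif tok[0] == "edit":
            rule_id = tok[1]
        elif tok[0] == "next":
            rule_id = None
        elif tok[:2] == ["set", "source-interface"]:
            if stack == ["vpn ssl settings"]:
                global_ifaces = tok[2:]
            elif stack == ["vpn ssl settings", "authentication-rule"] and rule_id:
                rules[rule_id] = tok[2:]
    # A rule with no source-interface set does not override anything.
    return [(rid, ifs, [g for g in global_ifaces if g not in ifs])
            for rid, ifs in rules.items()
            if any(g not in ifs for g in global_ifaces)]

if __name__ == "__main__":
    for rid, ifs, missing in find_interface_overrides(SAMPLE):
        print(f"authentication-rule {rid}: source-interface {ifs} "
              f"excludes global interface(s) {missing}")
```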