This article describes why there may be blank output when running SSL VPN debug commands. This assumes that traffic is confirmed to be hitting the FortiGate SSLVPN interface in a sniffer debug.
Scope
FortiGate.
Solution
The SSL VPN debug commands provided by TAC will generate output when attempting to connect to the SSL VPN.
Basic SSL VPN debugs will be:
diag debug disable diag debug reset diag debug application sslvpn -1 diag debug enable
If there is no output, there must be a filter in place. To clear the filter, run the following command:
diag vpn ssl debug-filter clear
Attempt to connect to the SSL VPN again. This will generate output that can be shared with TAC.