Netgate Discussion Forum

    CARP + Forticlient SSLVPN random disconnect

    HA/CARP/VIPs
      xebec168

      I'm running pfSense 2.4.5-RELEASE (amd64) HA with a CARP setup. I noticed something very strange when working with Fortinet SSLVPN.

      When there was only a single pfSense (no HA), I could use the FortiClient software to dial SSLVPN to my other network, and it worked fine.

      After successfully setting up HA, the SSLVPN connects, but once there is traffic going over the SSLVPN, it gets random disconnections and I don't see any log in the firewall or any Suricata alert. The FortiClient log also just says "Disconnect" with no other valuable info.

      Strangely, if I go to pfSense Master Node / Status / CARP --> Enable Maintenance Mode, the SSLVPN works great and will not disconnect.

      Once I disable Maintenance Mode, my SSLVPN gets random disconnects.

      Is this a bug or any setting I didn't do right?

        xebec168

        I found the problem.

        I was using Hybrid NAT. After switching to Manual NAT and setting all NAT Addresses to "CARP VIP", the problem is solved. 😓

        ==============
        Update: Still not working... Getting Random Disconnect again...☹

        Update 2: If I enable CARP Maintenance Mode, connect Fortinet SSLVPN, and disable CARP Maintenance Mode, the VPN will stay stable with no dropped connections.

        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.