Experience blocked outbound SSL VPN traffic

cyber@ctive
2019/02/07 03:46:41


Hello there!
 
Pardon me for asking; I am rather new to firewalls, as my company recently integrated a FortiGate 60E into a new infrastructure, and most of the settings configured are the necessary ones to run the operation.
 
So just recently, one of my colleagues tried to SSL-VPN into my vendor's network through the assigned credential to perform testing for a new system. When my colleague tried to connect, FortiClient reported "Cannot connect to VPN server", and I was wondering whether it could be our firewall (FortiGate 60E) that is blocking the outbound traffic?
 
I really need some assistance on this urgently, really hoping to get some answers soon.
 
Thank you guys in advance!
#1
lobstercreed
Re: Experience blocked outbound SSL VPN traffic 2019/02/07 18:00:04
Hi Tommy,
 
What port is the vendor's SSL-VPN running on? If it's standard 443, then I would say no, you're not blocking that, or almost no websites would work for you. You should be able to find out pretty easily if you're blocking the traffic by searching the traffic from that user (assuming you're logging) and looking for traffic to that destination. You'll need to check what host he is trying to connect to exactly (remoteaccess.companyxyz.com, for instance) so you can identify the traffic.
 
- Daniel
#2
cyber@ctive
Re: Experience blocked outbound SSL VPN traffic 2019/02/11 00:12:26
Hi Daniel,
 
lobstercreed wrote: "What port is the vendor's SSL-VPN running on?"
 
The vendor is running on port 10443.
 
lobstercreed wrote: "You should be able to find pretty easily if you're blocking the traffic by searching the traffic from that user (assuming you're logging) and looking for traffic to that destination. You'll need to check what host he is trying to connect to exactly (remoteaccess.companyxyz.com for instance) so you can identify the traffic."
 
Pardon me for asking, but may I know how or where I can do so? On the firewall?
On the other hand, I was wondering whether the antivirus could be blocking the connection?
 
-Tommy
#3
lobstercreed
Re: Experience blocked outbound SSL VPN traffic 2019/02/13 10:35:15
Hi Tommy,
 
Ah, yes you may be blocking it if it's 10443.  You will need to define a service for this under Policy & Objects and use it in the relevant outbound policies.
 
You can view logs on the firewall itself under Log & Report > Forward Traffic, but sometimes it is pretty limited as to what it will store.  We use a FortiAnalyzer or you can send your logs to FortiCloud.  Logging does have to be turned on for the relevant policies though (such as any deny policies), or you won't see what's happening.
 
I suppose the antivirus could be blocking the connection, but that depends on what you're using.  I don't have much experience with that.
 
- Daniel
#4
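Added example, not written by any poster in this thread: a Python sketch of the log search described above, run over constructed lines in FortiGate's key=value traffic-log style for a user's traffic to port 10443. The IP addresses and function names are assumptions; policy ID 0 is the FortiOS implicit deny, which only appears in logs when logging of denied traffic is enabled.

```python
import re
from collections import Counter

# Constructed sample lines in FortiGate key=value traffic-log style (not real data).
SAMPLE_LOG = '''\
date=2019-02-11 time=09:14:02 type="traffic" subtype="forward" srcip=192.168.1.50 dstip=203.0.113.10 dstport=443 proto=6 action="close" policyid=1 service="HTTPS"
date=2019-02-11 time=09:15:10 type="traffic" subtype="forward" srcip=192.168.1.50 dstip=203.0.113.25 dstport=10443 proto=6 action="deny" policyid=0 service="tcp/10443"
date=2019-02-11 time=09:15:13 type="traffic" subtype="forward" srcip=192.168.1.50 dstip=203.0.113.25 dstport=10443 proto=6 action="deny" policyid=0 service="tcp/10443"
date=2019-02-11 time=09:16:40 type="traffic" subtype="forward" srcip=192.168.1.77 dstip=203.0.113.25 dstport=10443 proto=6 action="deny" policyid=0 service="tcp/10443"
'''

# key=value pairs; values are either "quoted strings" or bare tokens.
FIELD = re.compile(r'(\w+)=("[^"]*"|\S+)')

def parse_line(line):
    """Turn one key=value log line into a dict, stripping optional quotes."""
    return {k: v.strip('"') for k, v in FIELD.findall(line)}

def blocked_flows(log_text, srcip, dstport):
    """Count denied forward-traffic records from srcip to dstport,
    keyed by (destination IP, policy ID)."""
    hits = Counter()
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("subtype") != "forward" or rec.get("action") != "deny":
            continue
        if rec.get("srcip") == srcip and rec.get("dstport") == str(dstport):
            hits[(rec.get("dstip", "unknown"), int(rec.get("policyid", -1)))] += 1
    return hits

def explain(hits):
    """Render findings; policy ID 0 means no configured policy matched."""
    out = []
    for (dstip, pid), n in sorted(hits.items()):
        if pid == 0:
            why = "implicit deny, no outbound policy allows this service"
        else:
            why = f"denied by policy {pid}"
        out.append(f"{n} denied connection(s) to {dstip}: {why}")
    return out

if __name__ == "__main__":
    for msg in explain(blocked_flows(SAMPLE_LOG, "192.168.1.50", 10443)):
        print(msg)
```

A hit on policy ID 0 points to a missing allow rule for the custom port rather than an explicit block, which matches the advice to define a service for 10443 and reference it in the outbound policy.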