Fortigate – Restart SSL VPN Process

*Note – Just did this on a 300D running 5.6.2 code. CPU was running at 100% and the SSL VPN process was the culprit. The connection status would stall at 40%, then quit at 75%. Killing the process with the notes below worked great. Also, I am pretty sure that there is a reference in the release notes of 5.6.2 about CPU going crazy due to a bug.

If memory usage gets too high and the device drops into conserve mode, the SSL VPN may stop working correctly, or at all.

A quick reboot of the firewall will fix this issue, but restarting the VPN process will also fix it (provided memory usage has dropped). You can also restart any process with these commands.

To restart the process:

get system performance top – run this to get the process ID (PID) of the SSL VPN process (sslvpnd)

Looks like the PID of sslvpnd – 81

Next, we will kill the process with the kill command, using level 11, which restarts the process.

The command: dia sys kill <level> <PID>

dia sys kill 11 81

If you do the get sys per top command again, you will notice that the sslvpnd process now has a different PID.
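
An added example, not from the original post: a Python helper that reads saved output of get system performance top, builds the kill command for sslvpnd, and confirms the restart by checking that the PID changed. The row layout (name, PID, state, CPU %, memory %), the sample output, and the post-restart PID 2217 are constructed assumptions.

```python
import re

# Assumed row layout of `get system performance top`:
#   <name> <PID> <state> [< or N] <CPU%> <MEM%>
ROW = re.compile(
    r"^\s*(\S+)\s+(\d+)\s+([A-Z])(?:\s+[<N])?\s+(\d+(?:\.\d+)?)\s+(\d+(?:\.\d+)?)\s*$"
)

def parse_top(text):
    """Return {process name: [(pid, cpu, mem), ...]} from saved CLI output."""
    procs = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:  # header lines (run time, CPU/memory summary) do not match
            name, pid, _state, cpu, mem = m.groups()
            procs.setdefault(name, []).append((int(pid), float(cpu), float(mem)))
    return procs

def kill_commands(text, name="sslvpnd", level=11):
    """Build one `dia sys kill <level> <PID>` line per matching process."""
    return [f"dia sys kill {level} {pid}" for pid, _, _ in parse_top(text).get(name, [])]

def restarted(before, after, name="sslvpnd"):
    """True if the process is running again and none of its old PIDs remain."""
    old = {pid for pid, _, _ in parse_top(before).get(name, [])}
    new = {pid for pid, _, _ in parse_top(after).get(name, [])}
    return bool(new) and old.isdisjoint(new)

# Constructed sample output, taken before and after the kill.
BEFORE = """Run Time:  12 days, 3 hours and 41 minutes
96U, 0N, 3S, 1I, 0WA, 0HI, 0SI, 0ST; 7996T, 1102F
         sslvpnd       81      R      95.4     3.1
       ipsengine      112      S <     0.5     5.6
          httpsd      145      S       0.0     1.0
"""
AFTER = BEFORE.replace("sslvpnd       81      R      95.4     3.1",
                       "sslvpnd     2217      S       0.3     1.2")

if __name__ == "__main__":
    print(kill_commands(BEFORE))
    print("restarted:", restarted(BEFORE, AFTER))
```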
