Fortigate – Restart SSL VPN Process
August 26, 2014
Posted by on
*Note – Just did this on a 300D running 5.6.2 code. CPU was running at 100% and the SSL VPN process was the culprit. The connection status would stall at 40%, then quit at 75%. Killing the process with the notes below worked great. Also, I am pretty sure that their is a reference in release notes of 5.6.2 about CPU going crazy due to a bug.
If the Mem goes to high, and the device drops to conserv mode. The SSL VPN may stop working correctly, or at all.
A quick reboot of the firewall will fix this issue, but restarting the VPN process will also fix it (given the mem dropped). You can also restart any process with these commands.
To restart the process:
get system performance top – to get the process ID (PID) of the SSL VPN
Looks like the PID of sslvpnd – 81
Next, we will kill the process with the kill command and use the level 11 – which restarts the process.
the command: dia sys kill <level> <PID>
dia sys kill 11 81
If you do the get sys per top command again, you will notice that the sslvpnd process now has a different PID.