Description
Solution
To enable DTLS on SSL VPN, run the following commands:
config vpn ssl settings
set dtls-tunnel enable
end
This has been enabled by default since 5.4.
If the client(s) are still using TCP, check FortiClient settings to ensure that the option 'Preferred DTLS Tunnel' is checked in the settings. If the option is greyed out, select the padlock on the top right to unlock it (Screenshot below). See the FortiClient help article for more information: VPN options.
When FortiClients are managed by EMS, the DTLS option cannot be enabled directly on the FortiClient console. Changes need to be pushed by the administrator from EMS.
Related article:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.