FortiGate
dshiraddi
Staff
Article Id 192634
Description
This article provides a solution for an SSL VPN connection that fails due to a policy deny.
During the issue, the following SSL VPN debug commands show no related logs:
# diag debug reset
# diag debug app sslvpn -1
# diag debug en

Solution
Run the debug flow commands below to check the SSL VPN traffic:
# diag debug reset
# diag debug flow sh fu en
# diag debug flow filter addr <IP of sslvpn>
# diag debug flow trace start 100
# diag debug en
The trace shows a policy deny error, as below:

id=20085 trace_id=1273 func=fw_local_in_handler line=410 msg="iprope_in_check() check failed on policy 0, drop"
Create a specific policy from the source interface where the connection is initiated to the loopback interface.
Go to Policy & Objects -> IPv4 Policy and select 'Create New'.

After the policy is created, the user is able to connect to the SSL VPN.
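
One way to triage a saved flow trace for the drop shown above, as an added example that is not part of the original article or Fortinet tooling. Only the drop message is taken from the article; the other trace lines, the addresses, the port 10443 and the interface name wan1 are constructed sample values, and find_policy_drops is a hypothetical helper name.

```python
import re

# One "diag debug flow" line: id=... trace_id=... func=... line=... msg="..."
LINE_RE = re.compile(r'trace_id=(?P<trace>\d+) func=(?P<func>\S+) line=\d+ msg="(?P<msg>.*)"')
# First line of a trace: protocol, endpoints and ingress interface.
PKT_RE = re.compile(r'received a packet\(proto=\d+, (?P<src>[\d.]+):\d+->'
                    r'(?P<dst>[\d.]+):(?P<dport>\d+)\) from (?P<intf>\S+?)\.\s')
DROP_RE = re.compile(r'check failed on policy (?P<policy>\d+), drop')

# Constructed sample: only the last line of trace 1273 is taken from the article.
SAMPLE = '''\
id=20085 trace_id=1272 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=6, 198.51.100.7:40112->192.0.2.80:443) from wan1. flag [S], seq 1, ack 0, win 64240"
id=20085 trace_id=1272 func=fw_forward_handler line=771 msg="Allowed by Policy-5:"
id=20085 trace_id=1273 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=6, 203.0.113.10:51514->192.0.2.1:10443) from wan1. flag [S], seq 2, ack 0, win 64240"
id=20085 trace_id=1273 func=fw_local_in_handler line=410 msg="iprope_in_check() check failed on policy 0, drop"
'''

def find_policy_drops(text):
    """Return one record per trace that ends in a policy-check drop."""
    packets, drops = {}, []
    for raw in text.splitlines():
        m = LINE_RE.search(raw)
        if not m:
            continue  # not a flow trace line
        trace, msg = int(m["trace"]), m["msg"]
        pkt = PKT_RE.search(msg)
        if pkt:
            packets[trace] = pkt.groupdict()  # remember who sent the packet
            continue
        drop = DROP_RE.search(msg)
        if drop:
            info = packets.get(trace, {})
            drops.append({
                "trace_id": trace,
                "policy": int(drop["policy"]),
                # Same handler as in the article's drop line.
                "local_in": m["func"] == "fw_local_in_handler",
                "src": info.get("src"),
                "dst": info.get("dst"),
                "dport": int(info["dport"]) if info else None,
                "in_intf": info.get("intf"),
            })
    return drops

if __name__ == "__main__":
    for d in find_policy_drops(SAMPLE):
        print(d)
```

In the article's scenario, in_intf and dst in each record correspond to the source interface and the loopback address that the new policy has to cover.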
