44 user1 ssl-tunnel 4417 62971290 41629175 21342115
78 user1 ssl-web 4443 0 0 0This is expected behaviour as visible from 'tunneltype' attribute.
In the above example 'tunneltype = SSL-web' means the traffic is going through SSL-web and 'tunneltype = SSL-tunne'" means the traffic is going through SSL-tunnel.
When using only tunnel mode, the SSL-web is used for authentication.
Therefore, after the tunnel is established, there will be no traffic going through SSL-web, all traffic will go through SSL-tunnel.Thus the recorded bytes for SSL-web is 0.
Even is SSL VPN web mode is disabled, logs for both Tunnel as well as web mode will be get.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.