# config vpn ssl setting- For Linux clients, ensure OpenSSL 1.1.1a is installed.
set tlsv1-3 enable
end
root@PC1:~/tools# opensslIf OpenSSL 1.1.1a is installed, the system displays a response like the following:
OpenSSL> version
OpenSSL 1.1.1a 20 Nov 2018- For Linux clients, use OpenSSL with the TLS 1.3 option to connect to SSL VPN.
#openssl s_client -connect 10.1.100.10:10443 -tls1_3- Ensure the SSL VPN connection is established with TLS 1.3 using the CLI.
# diagnose debug application sslvpn -1The debugs will show the below:
# diagnose debug enable
[207:root:1d]SSL established: TLSv1.3 TLS_AES_256_GCM_SHA384FortiOS supports TLS 1.3 for policies that have the following security profiles applied:
Deep inspection (flow-based)
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.