If you're managing a FortiGate firewall, it's time to take note of a critical change in FortiOS 7.6.3: SSL VPN tunnel mode is no longer supported. This change affects all FortiGate models, and settings related to SSL VPN tunnel mode will not be carried over during an upgrade.
❌ What’s Changing?
Starting with FortiOS 7.6.3, Fortinet has removed both GUI and CLI support for SSL VPN tunnel mode. This means:
Existing configurations will not be upgraded.
You will no longer see tunnel mode options in the interface.
Remote access via SSL VPN tunnel mode will stop working after the update unless migrated.
✅ What You Need to Do
To maintain uninterrupted remote access for users and admins, Fortinet recommends migrating to IPsec VPN before upgrading to 7.6.3.
🔄 Migration Path
Fortinet has published detailed guides to help you move from SSL VPN tunnel mode to IPsec VPN. These resources walk you through:
Backing up current configurations.
Creating equivalent IPsec VPN policies.
Testing access before and after the upgrade.
This move aligns with Fortinet’s effort to strengthen VPN security standards. IPsec VPN offers robust encryption and better performance, making it a reliable alternative to the deprecated SSL tunnel mode.
If you haven’t already, review your current VPN setup and plan your migration now to avoid access issues post-upgrade.
Top comments (1)
FortiGate 100F appliance uses IPSec technology and is experiencing widespread connectivity issues when a user connects via a VPN. This occurs across 20 branches, each with 20 users.
not work when make to 2 or more ipsec users
192.168.0.1 gurop 1
192.168.1.1 gurop 2
192.168.2.1 gurop 3
192.168.3.1 gurop 4