Skip to content
The XG Series hardware appliances will reach end-of-life (EOL) on March 31, 2025. Click here to see the XG to XGS migration documentation.

Tunnels disconnect and reconnect

If remote access SSL VPN tunnels disconnect and reconnect, check the following settings.

  • Scenario


    • Idle and dead peer settings
    • SSL VPN global settings
    • DoS & spoof protection

Frequently disconnects and reconnects

If all users face the issue, enter higher values for the following settings:

  1. Disconnect dead peer after
  2. Disconnect idle peer after

If only some users face the issue, do as follows:

  1. Go to Remote access VPN > SSL VPN.
  2. In the users' SSL VPN policy, turn on Disconnect idle clients.
  3. Under Override global time-out, enter a higher value.

Occasionally disconnects and reconnects

SSL VPN global settings

Check if you made changes to the following SSL VPN global settings. These can cause the tunnel to disconnect and reconnect.

  • Leased addresses

    • Assign IPv4 addresses
    • Assign IPv6 addresses
    • Lease mode
    • Use static IP Addresses
  • DNS and domain name

    • DNS changes
    • IPv4 DNS
    • IPv4 WINS
    • Domain name

Users can redownload and import the .ovpn configuration file to the client. See When will SSL VPN users need to redownload the configuration file.

SSL VPN policy

  1. Go to Remote access VPN > SSL VPN.
  2. Under Permitted network resources in the policy, make sure you haven't selected the firewall's WAN ports.

Note

To apply the changes to SSL VPN policies, users must disconnect and reconnect the tunnel. These changes don't automatically disconnect connections.