IC Knowledge Base

Fortigate SSL/TLS Handshake fails

In some circumstances when using WiFi clients browsing to SSL/TLS server hosts you will see "TLS timeout" or "TLS handshake error"


This can be caused by setting the WiFi interface on the fortigate to default (1500) As the WiFi encryption overhead coupled with the IPSec overhead AND the SSL/TLS bits needed the MTU will be exceeded

Set the WiFi Interface as follows


con sys int 

edit "interface name"

set mtu-override enable

set mtu 9000




0 (0)
Article Rating (No Votes)
Rate this article
Attached Files
There are no attachments for this article.
There are no comments for this article. Be the first to post a comment.
Security Code Security Code
Related Articles RSS Feed
Internet Central Limited, Innovation Centre, Keele Science Park, Keele, Staffordshire ST5 5NB
Registered Office: Ivy House Foundry, Hanley, Stoke-on-Trent, ST1 3NR
Registered in England: Reg No. 03079542 VAT Reg No. GB 278 923 705
Contact Us |Terms & Conditions |Legal, Privacy and Cookies
All prices exclude VAT E.&O.E © 2015 Internet Central

All trademarks and logos appearing on the site are the property of their respective owners