Starting an SSL-VPN CC test
FortiTester tests the DUT's ability to support concurrent SSL VPN tunnel connections by establishing a large number of concurrent SSL VPN tunnel connections and completing a full round of HTTP transactions through each tunnel.
To start an SSL-VPN CC test:
- In Performance testing, expand SSL-VPN and click CC.
- Click Create New.
- Configure the network or select a network template. See Using network configuration templates for how to create a network template.
- Select a Certificate Group, if applicable.
- Click OK.
- Configure the test case options described below.
- Click Start to run the test case.
FortiTester saves the configuration automatically so you can run the test again later. You can also click Save to save the test case without running it.
Tip 1: You can copy an existing case and change its settings to create a new case. In the case list, click Clone to clone the configuration. Only the case name is different from the original case. Tip 2: You can add or edit a comment when the test is running. This comment can be used to search for the test result in the Results page. This is useful especially when the test runs for a long time. |
SSL-VPN CC test case options
For details about the common options for SSL-VPN cases, see VPN test case common options.
Settings | Guidelines |
---|---|
Basic Information | |
VPN Host Group |
Specify VPN hosts defined under Objects > Host Group. A Host Group is comprised of Hosts e.g. abc.com = 1.1.1.1 . FortiTester will inject the hosts configured into SNI field (server name indication) within the TLS handshake. |
Load | |
Mode |
Simuser: Simulated users. Simuser simulates a user processing through an actions list one at a time. It allows you to determine the maximum number of concurrent users your device, infrastructure, or system can handle. NOTE: If you want FortiTester to create connections as fast as possible, set Mode to Simuser. For more information, see What is the difference between Connections per Second and Simulated Users? |
Tunnel Concurrent Connection |
The total number of tunnels created in the Throughput case. |
Ramp Up Time |
The duration in seconds for which new sessions can be opened, attempting to reach the desired Connections per Second configured. (Range: 0 - 300). NOTE: If FortiTester cannot reach the Connections per Second configured during the specified Ramp Up Time, it will keep the highest CPS it reached during the Ramp Up Time. |
Ramp Down Time | The duration in second during which the device ramps down the number of connections it is making. 0 will cause the FortiTester to cease generating sessions. (Range: 0 - 300). |
Tunnel Concurrent Connection |
Specify the number of concurrent connections. |
VPN Gateway Port | Specify the VPN gateway port number. |
Enable User Group |
Enable to simulate multiple user names. This allows FortiView to populate with more rich user name information, for example.
|
VPN Username | Enter the VPN username. |
VPN Password | Enter the VPN password. |
Certificate | The server certificate. If you have selected a certificate group in the Select case options window, then you are not allowed select certificate here. |
Think Time | The delay between client HTTP requests (unit: second). |
Client Network | |
Tunnel Mode | Select TCP or UDP. |