Please take the time to post below to help the next technical traveller. If you come up with a different fix, or one that didn’t work for me, but worked for you. You’re trying to cone too eh SSL VPN fro BEHIND the FortiGate (not outside).Your AD user has “ user must change the password on next login” enabled.Your AD password is using some ‘ Odd Characters“, (test with an alphameric password).Theres no firewall policy for the SSL VPN Traffic ( See this article).Active Directory User Account (Account or Password Expired).Other possible fixes I found on my trawl – that were not applicable to me Note: Please uninstall any previous version of Forticlient before. Secondly I looked at my SSL VPN Settings and noticed the group was set to a firewall group and NOT my LDAP (Active Directory) group. 1 Windows Fortinet SSL VPN Client Installation & Configuration. Firstly I uninstalled the FortiClient, and installed the latest version. In the end I changed TWO things and it started to work. Removed for tunnel connection setup timeout. Then I debugged the SSL VPN and got the following error
In my case all of these DID NOT solve my problem, I’ve seen strange errors with LDAP username and passwords, so I made sure the firewall could ping the FQDN of the LDAP server, and it successfully authenticated me (I’ve seen the GUI auth test work, and the command line one fail in the past). Security > Trusted Sites (set slider to Medium) > Sites > Add in the URL my FortiClient was trying to reach, (yours will be a public IP or DNS name) > Close.Īdvanced Tab > Security > Tick Use SSL 3.0 > Apply > OK.
0 kommentar(er)
