Troubleshooting Tip: FortiClient VPN connection Issue with Sophos Central Endpoint on Mac

Description

This article describes a troubleshooting guide for resolving the FortiClient VPN connection issue that occurs when Sophos Central Endpoint is installed on a Mac. The issue is caused by Sophos interfering with FortiClient's socket, preventing the VPN connection from establishing.

Scope

FortiClient.

Solution

To resolve the issue, follow these steps:

1. Sophos reported a known error 'MACEP-10071' related to FortiClient. This is solved with the next configuration via XML.

<enable_multi_vpn>1</enable_multi_vpn>

<allow_concurrent>1</allow_concurrent>

2. Ensure that macOS and Sophos allow the processes listed on: FortiClient (macOS) processes.
   
   

3. Verify that the Sophos Central Endpoint is configured to exclude the FortiClient socket. The sockets are located at:

·/Library/Application Support/Fortinet/FortiClient/vpn/*/ukey.sock.

·/var/run/ukey.sock"

·"/var/run/cctrl.sock"

·"/Library/Application Support/Fortinet/FortiClient/vpn/*"

4. If the issue persists, try disabling the Sophos Central Endpoint and then re-enabling it to see if the issue resolves itself.
   
   

5. If the issue persists, contact Sophos support to request assistance with configuring the product to work with FortiClient.

Additionally, it is recommended to review the FortiClient logs and the Sophos Central Endpoint logs to identify any errors or issues that may be contributing to the problem.

For more information on configuring FortiClient, refer to the FortiClient Administration Guide.