Technical Note: Cannot connect to SSL VPN, FortiGate 5.4 (Windows 7 and XP)
Description
Scope
Solution
This article addresses the error message "Cannot connect to VPN. The VPN server could be unavailable." which may be seen when Windows 7 or Windows XP tries to connect to SSL VPN when using v5.4.
Scope
FortiGate All Models, Firmware v5.4
Solution
In firmware the protocols SSLv3 and TLSv1 are disabled by default. Both Windows 7 and Windows XP use these protocols to negotiate and connect through VPN SSL.
The solution is to enable these protocols on vpn ssl settings
The solution is to enable these protocols on vpn ssl settings
# config vpn ssl settingCare should be taken with the use of these two protocols, both are considered vulnerable. It is for this reason that the default setting is 'disabled' on firmware 5.4.
# set sslv3 enable
# set tlsv1-0 enable
# end