Troubleshooting Tip : Windows 7 users are unable to connect to SSLVPN due to DH-Params mismatch.
| Description | This article describes how to fix the problem wherein Windows 7 users encounter the FortiClient message 'The server you want to connect to requests identification, please choose a certificate and try again.(-5)' when connecting to SSLVPN. |
| Scope | FortiGate. |
| Solution |
Problem.
In this example, the FortiGate was using 8192 DH Params on its settings:
Solution.
# config sys global unset dh-params end
Unsetting DH-params will revert its value to the default one which is 2048.
Results.
PS: Note however that this article is one of the possibilities in relation to this error as it could also mean other things and points to other problems. |