Skip to main content
Uwe_Sommerfeld
Uwe_Sommerfeld
New Member
June 22, 2017
Question

Forticlient EMS 1.2: unable to define an IPSEC VPN without xauth user prompt

  • June 22, 2017
  • 1 reply
  • 4490 views

Hi everyone,

 

I need to use an IPSEC VPN connection for automatic dial-in using (machine) certificates. This used to work in EMS 1.0.5 using an XML configuration that disables xauth.

However the xml parser in EMS 1.2 seems to always add

<xauth>

<enabled>1</enabled> 

and

<username></username>

 

I tried to implement a dummy xauth user as a workaround but the username gets deleted as well.

 

So I am stuck here with no more working VPN connection and it seems I need a downgrade. However I need to use compliance as well which did not seem to work with EMS 1.0.5.

 

Any ideas?

 

Uwe

 

    1 reply

    ergotherego
    ergotherego
    New Member
    June 22, 2017

    There is a bug in the XML parser in EMS 1.2 - its in the release notes under known issues. It screws up some other things as well, like the port to use in the remote gateway for SSLVPN.

     

    You can try to push it to a client anyway, and see what settings they actually receive. TAC told me that it should be limited to the XML parser only, and not actually affect the settings pushed.

    Uwe_Sommerfeld
    Uwe_SommerfeldAuthor
    New Member
    June 22, 2017

    Yeah well I tested this and my Settings are never pushed though. So EMS 1.2 is unusable for me.

    Terms & ConditionsAccessibility statement