Skip to main content
tomsej
tomsej
New Member
October 24, 2014
Question

FortiClient not working in OS X Yosemite

  • October 24, 2014
  • 12 replies
  • 35932 views

Hi,

 

I just upgraded from OS X Maverick to Yosemite and it seams Forticlient has some issues on it. I installed forticlient 5.2 without any problems. When I try to connect to a VPN, it is successfully completed. Also network interface ppp0 is created. But I cannot ping any machine in the network.

 

Has someone similar problems? Does anybody know how to solve this problem? I had no problem in Maverick.

12 replies

Mark
Mark
New Member
October 29, 2014

I'm experiencing somewhat similiar. I can connect the SSL VPN from OSX Yosemite, but can't reache my SMB Windows fileshares through their DNS name? If I connecto on IP everything works fine.

 

 

Chris_Lin_FTNT
Staff
Chris_Lin_FTNT
Staff
October 29, 2014

FCT MAC 5.2.2 will address this issue. It will probably be available for fresh install or manual upgrade in a few days.

Mark
Mark
New Member
October 31, 2014

Chris.Lin wrote:

FCT MAC 5.2.2 will address this issue. It will probably be available for fresh install or manual upgrade in a few days.

 

I have just installed the 5.2.2 update which indeed states in the release notes OSX 10.10 support.

Still encounter the same issue. I have a ticket open with Fortinet support.

surjithmeethal
surjithmeethal
New Member
October 31, 2014

Facing same issue.

Latest version available for download  is  5.2.1.356 (http://www.fortinet.com/resource_center/product_downloads.html ).

Please share the link from where 5.2.2 version can be downloaded. or is there a release date for the same

 

  

mas1971
mas1971
New Member
November 3, 2014

I ´ve got a brand new MACBOOK with Yosemite 10.10 running Forticlient 5.2.1. It works. I can connect to Fortigate 60D and start RDP Session to the Windows Servers.

The only thing, who doen´t work is:

Internet on the macbook ist blocked while the VPN Tunnel (IPSEC) is working.

Chris_Lin_FTNT
Staff
Chris_Lin_FTNT
Staff
November 3, 2014

Does your IPSec use split-tunnel? Does your routes look right after IPSec is connected?

mas1971
mas1971
New Member
November 4, 2014

Chris.Lin wrote:

Does your IPSec use split-tunnel? Does your routes look right after IPSec is connected?

I dont use Split-Tunnel.

I added a route in the Fortigate for VPN Connection to enter Internet. So it works for the moment. Thanks.

The Performance ist a little bit low, because all other (client) internet trafic will be route through VPN Tunnel and main office internet connection.

 

I know, in my old configuration with Windows PC (Ok i startet with Fortios 3.x) i dont need a additional routing.

The main traffic from client side was routet directly to the client internet access and only the private traffice was routet through VPN to the office. (Yes i know about the security issues.)

surjithmeethal
surjithmeethal
New Member
November 4, 2014

I have added google DNS to my network configuration. That helped.

emnoc
emnoc
New Member
November 4, 2014

Same here, my forticlient b536 works fine on 10.10 , but I had problem with a 2nd MACOSX  running X.X & had to delete and rebuild the user.

 

What I would do is to monitor the firewall by doing the following;

 

diag debug reset

diag debug en

diag debug app sslvpn -1

 

launch  the client and monitor the output that's generated. It might give you clues as to what's happening.

Make sure you have the proper port and ssl group for the policy(s) in question. Be cautious of any errors such as;

[I

[67:root]Require client certificate for jsmaithuser01

jweber
jweber
New Member
December 9, 2014

Any idea when 5.2.2 will be released? I'm also having DNS issues on Yosemite, and I'd like to see if 5.2.2 fixes them.

KM_FTNT
Staff
KM_FTNT
Staff
December 9, 2014

FortiClient v5.2.2 has already released.

jweber
jweber
New Member
December 9, 2014

Okay, thanks. The "Check for Updates" didn't work, but I downloaded it.

jweber
jweber
New Member
December 11, 2014

Is anyone else still having DNS issues with 5.2.2 and Yosemite?

 

Very often, my system fails to resolve DNS queries for specific hosts on the VPN. When it happens for a particular host, any app that uses the system's DNS resolver (discoveryd) fails for that host, but direct DNS lookups using "host" work fine, with the same DNS server. If I use Wireshark, I can see the DNS server returning the expected IP address.

 

Then after a few minutes, the same host will start working again.

 

I can't be sure this is Forticlient's problem, but it only happens with hosts on the VPN. Any idea what could cause this?

rwdorman
rwdorman
New Member
December 19, 2014

I have also found that the 10.10.1 update significantly made FortiClient less fussy.  I'm going to install the 10.10.2 beta next week and see how it likes that.

jweber
jweber
New Member
December 19, 2014

Wish I could say the same....I'm having these issues with 10.10.1.

emnoc
emnoc
New Member
December 20, 2014

I'm on 5.2.2.364 FC MACOSX 10.10.1, no issues here either.

Show more replies
Terms & ConditionsAccessibility statement