Skip to main content
A
Anonymous_User
Contributor
October 8, 2009
Question

Forticlient VPN and Verizon Air-Card

  • October 8, 2009
  • 9 replies
  • 5672 views
I have 4 users with the Verizon mobile broadband card and none of them can connect with the Forticlient VPN. The client connects with the Fortigate because I can see the logs on the firewall itself. Once it connects, it will not obtain an IP adddress; it just keeps spinning until it times out. If I put in a static IP address, it connects and obtains sets the IP address. However, the default gateway is automatically assigned as the IP Address + 1 (If I set 10.0.0.1 as the IP, it sets the gateway as 10.0.0.2). It will not allow me on the network, even though it' s connected. Is there anyone else out there that had issues with the Verizon cards connecting? Our local police use the Forticlient and the Verizon cards, so I know it works!!!

    9 replies

    A
    Anonymous_UserAuthor
    Contributor
    October 8, 2009
    We use Verizon Air Cards as well and it' s been working fine for us with SSL VPN. One thing we initially had trouble with was that Outlook would not connect to Exchange when using an Air Card and SSL VPN. It would work fine if not using an Air Card for Internet. If you go to the options in the Verizon software, check the box for NDIS mode and this solved the issue for us.
    A
    Anonymous_UserAuthor
    Contributor
    October 8, 2009
    I' m not sure if this makes a difference, but we are using IPSEC for the VPN tunnel. Checking the NDIS mode didn' t change anything. It' s definitely connecting to the Fortigate, it just won' t obtain an IP address. It works fine for any outside connection, just not with the air cards.
    A
    Anonymous_UserAuthor
    Contributor
    October 8, 2009
    I can' t really speak much to IPSEC VPN as I' ve never done it on the Fortigates. With SSL VPN we had to give the SSL VPN DHCP range it' s own subnet (a different subnet than the Fortigate) in order for it to work correctly. Don' t know if that' s the case with IPSEC or not.
    A
    Anonymous_UserAuthor
    Contributor
    October 8, 2009
    I read something about needing different subnets with previous software versions of the Fortigate software, but I have the latest version. I have 15 or so clients that work just fine. It' s only the air cards that give me an issue. They seem to connect and authenticate, but just won' t obtain an IP address. I' m just not sure if this is because of a setting in the firewall or the air card does something funky.
    A
    Anonymous_UserAuthor
    Contributor
    October 15, 2009
    Grady - Just curious, what client are you using to connect to the fortigate?
    A
    Anonymous_UserAuthor
    Contributor
    October 21, 2009
    I submitted this request to Fortinet tech support and the request went un-resolved. So, I ditched the IPSec and going with SSL and the SSL VPN Client. This works fine with the air cards.
    A
    Anonymous_UserAuthor
    Contributor
    October 21, 2009
    Probably not much use now, but to answer your earlier question we use 3.0.384 for all of our users. When I use our VPN I usually use the web portal. As far as the Verizon client, most users are using the VZ Access Manager 6.10.10. Interesting problem you were having, I don' t have a clue what it was. In my opinion, SSL VPN is better than IPsec in most cases anyway.
    A
    Anonymous_UserAuthor
    Contributor
    October 21, 2009
    I agree, the SSL connection is much simpler. I' m not thrilled about how the web portal requires all of those Java programs to run. It seems very resource heavy. I guess once you load it up for the first time it isn' t too bad.
    A
    Anonymous_UserAuthor
    Contributor
    October 22, 2009
    Yeah, it' s a pretty big hassle getting all the java/activex/other nonsense installed the first time you connect using the web portal, but it' s very quick and easy every time after that. There is also a little mini SSL VPN application you can download and have your clients connect to VPN with if you don' t want to use the web portal.
    A
    Anonymous_UserAuthor
    Contributor
    October 22, 2009
    I' m using the client. I can get the portal to work, but I can' t access any of my network devices. Something isn' t open. Our ERP provider claims he cannot connect with either. Very frustrating.
    Terms & ConditionsAccessibility statement