FortiClient VPN for Linux v7.0.1.0057_amd64.deb MFA with FTK not working

Question

Neither FortiClient VPN for Linux v7.0.0.0018_amd64.deb nor FortiClient VPN for Linux v7.0.1.0057_amd64.deb MFA with FortiToken and local FortiGate user is not working, when connecting to FortiGate with FOS 7.0 installed.

OS Ubuntu 20.04 LTS x64 Desktop should work, as stated in release notes (Ubuntu 16.04 or later).

There seems to be no issues with other OS-es (Windows, MacOS, ...).

Linux client error is: "Login failed: Insufficient credential(s). Please check the password, client certificate, etc.". I tried both GUI and /opt/forticlient/vpn programs (vpn as root).

Fortigate error is: SSL VPN login fail; Action: ssl-login-fail; Reason: sslvpn_login_permission_denied

When it should prompt for the FTK token, it bails out.

I also attached debug logs from FortiGate (sslvpn -1; fnbamd -1).

Is this a known issue or...?

Regards,

Uros

Anonymous_User · Answer

Hello Uros

I would like to have the debug re-run with this debug on, fnbamd and sslvpnd

#dia de reset

#dia de console timestamp en

#dia de app fnbamd -1

#dia de app sslvpn -1

#dia de en

From your previous log, the first thing that comes in mind is that the usergroup where your username belongs , is not refereneced in the SSLVPN firewall policy under sslvpn.root interface

Regards

Edvin.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded