Skip to main content
TheITGuy
TheITGuy
New Member
September 28, 2014
Question

FortiClient wipes saved password, save pw option, and always up option

  • September 28, 2014
  • 3 replies
  • 24144 views
Hi all, I' ve had an on going issue with the Windows FortiClient, with pretty well all versions of 5 upwards at least. I use client certificate authentication, and enable save password, auto connect, and always up. Most of the time the FortiClient connects, but if it fails to connect after a few attempts (either manually or automatically) the following get reset: - the saved password - the option to save password - the option to always up At this point the VPN will never connect unless the user realises, then goes and enters their password and ticks both boxes. Does anyone else have this problem? Currently on v5.2.1 but still on going. Thanks

    3 replies

    mmar5540
    mmar5540
    New Member
    September 29, 2014
    Hi, check on FortiGate side setting for IPsec phase1-interface cli parameter: save-password/client-auto-negotiate/client-keep-alive. This parameters must be enable.
    kolawale_FTNT
    Staff
    kolawale_FTNT
    Staff
    September 29, 2014
    As stated by mmar5540, starting with FortiClient 5.0.2, these features must be enabled on the FortiGate, for them to be usable on FortiClient. See page 108 of FortiClient Admin Guide: http://docs.fortinet.com/uploaded/files/1975/forticlient-admin-52.pdf
    TheITGuy
    TheITGuyAuthor
    New Member
    October 7, 2014
    Hi there, This is not the issue. This has been enabled on our FortiGate since way back, and all the clients get the three check boxes and are able to tick all three boxes. The issue is that occasionally, if the Forticlient fails to connect it then wipes the saved password and the Save Password and Always Up buttons become unchecked. Auto Connect remains checked. At this point the password is lost so even if you restart the client will not auto connect. I' ve had this problem on different laptops and with different versions of FortiClient v5. So I wanted to see if anyone else ever had this issue.
    Chris_Lin_FTNT
    Staff
    Chris_Lin_FTNT
    Staff
    October 8, 2014
    When the authentication fail for VPN, it will remove the saved password, so that users get a chance to enter correct password. But if it fails to connect for other reasons, I think it should not remove the saved password. Are you using IPSec or SSL? Do you know why it fail to connect?
    Terms & ConditionsAccessibility statement