I am having an issue finding and then matching the "subject" of the user certificate for the users I created in this walk-through. From the directions, I get the feeling they expect you to know this, which I don't. Hopefully this makes sense and someone can help me out.
Currently, I am unable to connect to my VPN and feel this might be the issue.
Try to enable debug CLI: dia debug app fnbam -1, it will show up PKI user/Certificate match.
FGT will check certificate send from browser with PKI user match, in this case, "Set subject User01". The certificate import to your browser (IE/Firefox) should have Subject like "C = US, ST = California, L = Sunnyvale, O = Fortinet, OU = FortiGate, CN = User01, emailAddress = support@fortinet.com".
Thank you for the tip. I typed in the command, but there was no output. I might not completely understand what you are asking me to do. Am I suppose to look somewhere else for the output?
