New Member

Question

iOS FortiClientVPN SSO/SAML displaying blank page

Forum|Forum|4 years ago
February 9, 2022
14 replies
28081 views

Hi

I have a issue I hope someone here can assist me with!

My customer uses FortiClientVPN on +40 Windows clients, using SSO/SAML to connect to a FortiGate 1500D through O365 Azure - and it works flawlessly. 1500D firmware is v6.4.7,build1911,210825 (GA).

The customer has a number of Apple iPads, where I have been trying to get the FortiClient VPN app to work. But when connecting the logon page to O365 is just blank, it never loads the webpage. The settings are exactly the same as the Windows clients. I have tried with iOS devices that run version 15.2.1 and 12.5.5. There result is also the same if I use a trial for the "FortiClient" paid app.

I thought maybe it's a browser issue, so I tried changing the default browser on the iOS devices to both Chrome and Firefox, but nothing changed. I'm not sure if the FortiVPN app even registers the change.

See the screenshot below showing what I mean with the "blank page".

Please advise - and thanks in advance! :)

FortiClient

A

Anonymous_User

Contributor

Hello @jespera

Welcome to Fortinet community and Thank you for your post. Hopefully, you've been keeping safe and doing well!

We see you are facing the issue with Forticlient VPN SSO login. We will have this looked and will reach you back as soon as possible.

You should receive an update from one of the team member soon. Thanks for your patience on this.

Regards

jesperaAuthor

New Member

Hi Aashiq

Thanks for your reply, it would seem though that no one have anything to contribute with - sadly.

But thanks anyway.

kkhylla

Explorer

Hello,

we currently have the same challenge. As soon as we find something, I would report back here.

jesperaAuthor

New Member

Glad i'm not the only one, hope you find a solution. I will post here if I find one or have something new to contribute with.

Belshire

New Member

Just trying to bubble this to the top. I was having the same issue with one user on an iPhone 11. My iPhone 13 works fine. Hoping someone has a fix. It seems like the Office365 login page just isn't rendering in the browser that pops up. All you see is the CANCEL button at the top.

Debbie_FTNT

Staff & Editor

Hey guys,

sorry for the late feedback from our side.

What iOS FortiClient App versions are you using?

We do have a few known issues (that should largely be fixed) in some older iOS FortiClient versions. If you are not using the newest available FortiClient version, I would suggest an update.

jesperaAuthor

New Member

Hey

I'm using the newest available version of the FortiClient VPN version 7.0.3.0043.

Which also is the version I used when creating this topic.

ITtypea

New Member

Hello Debbie,

We encounter the same issue in our company. We are using version 7.0.3 on iOS.

Is it a known issue and is there a solution for it?

Debbie_FTNT

Staff & Editor

Hey ITtypea, jespera,

thank you for your updates.

I don't have much information to share yet - the blank screen does mirror an earlier known issue that should have been fixed from what I can see.

I reached out to a developer, and they are following up to see what's going on. We'll update you once we hear something.

Belshire

New Member

I think we figured it out, at least for our situation. This particular user was using the instructions given for the windows client. For the windows client, you can include the port in the HOST URL line, so something like: https://hostname.domain.com:8443 (we use a different port than the default). The windows client figures out that you're supplying the port and it knows what to do with it. The iOS client does NOT, so it wasn't working correctly. Once we stripped it off the URL and entered it into the PORT field it worked for us. I hope this helps.

I didn't notice this because I was trying to trouble-shoot over the phone. Once we could see it in person it all fell into place.

jesperaAuthor

New Member

Hi Belshire

I see your point. But we use default port 443, the link we use is like this https://vpn.hosting.com:443/customername , because it's used for lots of customers.

I tried writing it without the port number in the host field anyway, but it didn't make a difference.

Thanks for the suggestion though.

Debbie_FTNT

Staff & Editor

Hey guys,

what FortiGate versions are you using?

First feedback from the developers is to try FortiOS 7.0.1 or higher, as that allows FortiClient iOS to utilize SafariView, which might help with the issue.

If you are not on FortiGate version 7.0.1 or higher, can you upgrade if possible?

If you are on that version or higher, can you let me know (and also let me know what FortiGate version you are on exactly)?

Many thanks!

jesperaAuthor

New Member

Hi Debbie

Firmware is v6.4.7,build1911,210825 (GA) on a 1500D.

I'm afraid I don't have the right permissions to update it to 7.xx, and the people responsible says it probably will be +12 months before they do.

I have a different FortiGate 60E with fw version 7.0.5 though. I'm going to test with that one instead later, but it's going to take some time before I have the time and capacity to set it up and test. Will report back when I have tried it out.