Skip to main content
dungnguyen310
dungnguyen310
New Member
February 21, 2020
Question

SSL VPN MAC host check doesn't work on IOS device

  • February 21, 2020
  • 3 replies
  • 6173 views

 Hello everyone!

 I'm newbie and I have a question about the SSL VPN on Fortigate. I'm using a 501E for the DMZ zone, I config SSL VPN with Mac host check following this guide: https://kb.fortinet.com/kb/documentLink.do?externalID=FD41648 and It works fine with windows and MacOS. The Forticlient send MAC of the device to the firewall so only the specific device can connect to the tunnel.

But the problem is on the iphone device ( I'm using IP XR with IOS 13) the Forticlient doesnt send MAC to Fortigate so It cannot connect to the tunnel.

 The IOS LOG is attached, please kindly review it for me.

 Thanks a lot! 

 

    3 replies

    mr_vaughn
    mr_vaughn
    Explorer III
    February 16, 2021

    Did you get this answered?

    I am wanting to know if host check can be enabled for iOS (Apple iPAD's) & Android devices.

     

    dionathan_chrys
    dionathan_chrys
    New Member
    February 24, 2021

    Same problem here 

    ezhupa
    Staff
    ezhupa
    Staff
    June 2, 2023

    Check the below KB:

    https://community.fortinet.com/t5/FortiClient/Technical-Tip-SSL-VPN-MAC-host-check-does-not-work/ta-p/194482

     

    "Due to security reason,Android & IOS will not allow Apps to be able to trace units and their users anymore.
    Hence Forticlient will not be able to fetch real MAC address of the mobile units.

    Hence MAC check does not work in Mobile units."

    Dongfang_Li_FTNT
    Staff
    Dongfang_Li_FTNT
    Staff
    August 16, 2024

    The above document explains the mac addr host check not working in all version of  Android and iOS. How about the OS version check? Customer wants to know if sslvpn can host check the IOS v17.  

    Terms & ConditionsAccessibility statement