SSL-VPN on Fortigate-VM

Forum|Forum|12 years ago
August 14, 2013
4 replies
13731 views

I' m trying to test the SSL-VPN feature on a Fortigate-VM in trial mode (so no license yet). Should this work? I think I' ve configured everything correctly, but I don' t get a login-page when I go to the https:// url of the fortigate-vm. In IE, I get nothing. In firefox, I get an error: ssl_error_no_cypher_overlap. Thanks!

Fullmoon

New Member

I' m not familiar with forti-vm but did you try using this address? https://public add:10443

RustAuthor

New Member

unfortunately, doesn' t work...

Diabolicus23

New Member

Solved! You have to use an old version of Firefox. Use, as example, Firefox 2.0.0.20 and, in about:config, set security.ssl3.rsa_rc4_40_md5 as true Now you will be able to access via https. With trial version the certificate is RSA SHA1 512 bits and this certificate is not supported in recent browser version. Attention, you must use an old version (I think 18 and older).

RustAuthor

New Member

sorry for the late reply. But still doesn' t work... I tried with firefox 2.0.0.20, and now I do get the certificate warning (which is OK), but when I try to continue, I get an HTTP Error 400. Any ideas?

abc987

New Member

At Forti-VM (unlicenced) there is this problem with this low encryption. I always add http to allowaccess. For testing this works to get webGUI. To connect to SSL-Portal there may be a problem. Have you tried to allow low encryption? In FOS5 its only via CLI

config vpn ssl settings  set algorithm <cipher_suite>

Have you tested SSL in tunnel-mode with the client?

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded