VPN connection using Mac

Forum|Forum|10 years ago
March 7, 2016
2 replies
15344 views

Hi,

I'm using FortiClient 5.4.0.493 on OS X 10.9.5.

I've successfully established a VPN connection previously on Windows 7 using FortiClient 4.3.5.473.

Please see the connection configuration I've exported on Windows (I've redacted the hashes):

<connection> <name>My Connection</name> <type>manual</type> <ike_settings> <server>vpn.our-server.com</server> <authentication_method>Preshared Key</authentication_method> <auth_key>Enc presharedKeyHash</auth_key> <mode>aggressive</mode> <dhgroup>5;</dhgroup> <key_life>28800</key_life> <localid></localid> <nat_traversal>1</nat_traversal> <enable_local_lan>0</enable_local_lan> <nat_alive_freq>5</nat_alive_freq> <dpd>1</dpd> <dpd_retry_count>3</dpd_retry_count> <dpd_retry_interval>5</dpd_retry_interval> <xauth> <enabled>1</enabled> <username>Enc usernameHash</username> <password></password> <attempts_allowed>3</attempts_allowed> </xauth> <proposals> <proposal>AES128|SHA1</proposal> </proposals> </ike_settings> <ipsec_settings> <remote_networks> <network> <addr>10.7.0.0</addr> <mask>255.255.255.0</mask> </network> </remote_networks> <dhgroup>5</dhgroup> <key_life_type>seconds</key_life_type> <key_life_seconds>1800</key_life_seconds> <key_life_Kbytes>5120</key_life_Kbytes> <replay_detection>1</replay_detection> <pfs>1</pfs> <autokey_key_alive>1</autokey_key_alive> <use_vip>1</use_vip> <virtualip> <type>dhcpoveripsec</type> <ip>0.0.0.0</ip> <mask>0.0.0.0</mask> <dnsserver>0.0.0.0</dnsserver> <winserver>0.0.0.0</winserver> </virtualip> <proposals> <proposal>AES128|SHA1</proposal> </proposals> </ipsec_settings> </connection>

I've figured out that the virtualip part of the configuration is problematic:

<virtualip> <type>dhcpoveripsec</type> <ip>0.0.0.0</ip> <mask>0.0.0.0</mask> <dnsserver>0.0.0.0</dnsserver> <winserver>0.0.0.0</winserver> </virtualip>

Trying to import the above configuration on Mac with this part fails; The connection just doesn't show up in the FortiClient GUI.

Others have had this problem too.

If I remove the virtualip part of the configuration and import it on Mac, the imported connection shows up in the GUI but when I try to establish a VPN connection I get (after quite a while) the error -104.

How can I establish a VPN connection on Mac using the above connection configuration?

Thanks a lot in advance.

5.4

emnoc

New Member

Have you tried the latest FC for MACOSX? If you pm, I will import that cfg into FC v5.2.4.377 and give you feedback.

Ken

FortiRack_Eric

New Member

There are issues with FortiClient Mac 5.4.0 and OSX El Capitan. You need to use 5.2.6 Mac FortiClient or wait for the fix in FortiClient 5.4.1 - (to be released)

matthias2Author

New Member

Thank you Ken and Eric for your responses.

@Eric: Can you please give me a link to 5.2.6 Mac FortiClient? I searched in vain on the Fortinet website and via Google.

@Ken: Thanks for offering your help. Yes, I'm using the latest FortiClient 5.4.0.493. After talking to my customer who owns the network I want to connect to, I can't give you access to it. Would you be so kind as to tell me how you would have debugged the failing connection?

Thanks again for your help.

Anastasia

New Member

I use different VPN for my Mac book and it works perfectly for me.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded