Skip to main content
MrMic34
MrMic34
New Member
July 25, 2018
Question

VPN issues London to New York

  • July 25, 2018
  • 4 replies
  • 9033 views

Geting the below error message when using forticlient. I have confirmed the settings are correct and I checked her TLS settings for internet explorer as mentioned in a previous post but I'm still not able to connect. This user is located in London and not able to connect to the firewall in New York. However my coworker and myself are located in the states and have no issues connecting to the firewall vpn with her credentials. 

 

any suggestions?

4 replies

Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
July 25, 2018

"Unreachable" error means much more physical. Can it ping the server IP, and does the URL, if you're using URL, resolved to IP? After those are confirmed, next step would be "diag debug app sslvpn -1" or the server side while the user is trying to connect, then pull VPN local log from the FortiClient. (I'm assuming it's SSL VPN, not IPsec)

MrMic34
MrMic34Author
New Member
July 25, 2018

It is a SSL VPN connection and not IPSEC. I do have a IPSEC tunnel up with the firewall onsite and am able to pass traffic. However the user is not able to ping the ip of the firewall in the states or resolve it from a url. 

 

MrMic34
MrMic34Author
New Member
July 28, 2018

Forticlient 6.0.0.0067

ede_pfau
SuperUser
ede_pfau
SuperUser
July 28, 2018

I once made a blatant mistake by filling in the remote gateway address as "217.x.y.z" when it was "213.x.y.z" (last week). Of course it could not connect.

 

Toshi_Esumi
SuperUser
Toshi_Esumi
SuperUser
July 29, 2018

Well, if the machine can't ping the IP and the URL doesn't resolve to the IP. That's nothing to do with VPN but it has a basic internet problem you need to figure out first.

Alexandria
Alexandria
New Member
June 22, 2024

The error message encountered when using FortiClient for a VPN connection from London to New York, despite correct settings and TLS settings verification, suggests a potential issue specific to the London user's network or device. Since the credentials work for colleagues in the US, consider checking for region-specific network restrictions, ISP issues, or firewall settings on the London user's device or network. Additionally, ensure the FortiClient software is up-to-date and verify that there are no geographical blocks or latency issues affecting the connection. If the problem persists, reviewing the detailed VPN logs might provide more insight.

mahesh_pm
mahesh_pm
Explorer
June 22, 2024

Are you using the default SSL port or a custom port? Try using Telnet from the client system to check the connection.

telnet [your Fortigate public IP or Domain] [port, e.g., 10443]

Terms & ConditionsAccessibility statement