VPNSSL SAML+MFA: FortiGate v7.2.x and FortiClient v6.4.8 Issue

Forum|Forum|3 years ago
August 18, 2022
1 reply
1864 views

Hi guys,

I ran into a very strange problem.
After upgrading the FortiGate to version 7.2, the FortiClients version 6.4.8 received an error message when attempting to connect to VPNSSL. The error was generic:
"Credential or SSLVPN configuration ius wrong. (-7200)"

This is a SAML VPN with MFA (Azure IdP).

No speaking errors were noted in the logs. Also, FortiClients with versions 7.0.x work.

Have you also had similar problems with the new version of FortiOS?

I may have found the solution, but I would like to compare it to someone who has the same problem.

Markus_M

Staff & Editor

Hello ac1,

I don't have such a problem, so I cannot say more about it.

I would see the debug in such case, as:

diag debug console timestamp enable

diag debug app samld -1

diag debug app sslvpn -1

diag debug enable

and reproduce that problem.

It would sound like a compatibility problem with the older FortiClients and your FortiGate, but I am unsure why that should happen.

Best regards,

Markus

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded