Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

MichMonf
New Contributor

VPN lofin fail error - 455

VPN lofin fail error - 455

 

We use the FortiClient and user tried to login in SSL-VPN to FG300D.
The VPN authetification used Radius-LDAP.

We always get the "Permission denied (-455)" error.
This append for only one user.

We are login successfully with other account in the same computer.

I tried to analyse the logs and always received, unknow users.


VPN FortiSslvpn: Init:ConnectNamedPipe(): Wait(hEventOverLapped) OK.
VPN FortiSslvpn: before ConnectNamedPipe
VPN FortiSslvpn: Init:ConnectNamedPipe(): rc=0, err=997
VPN FortiSslvpn: _ReceiveMessage: (000004CC)
VPN id=96603 msg="SSLVPN tunnel connection failed (Error=-455).

In Fortigate applaiance in VPN Events the message is: sslvpn_login_unknown_user

Finally, I was able to reproduce this issue.
I create a new user in AD and put it the VPN-Users-Group associate to Radius.
I put the same password of my user that experiment the issue.
Surprise, same message: error- -455.

I tested directly in the applaiance under Users, Raduis Server - Edit - Connectivity test
with this testing account and password: Result = Succesful.

I tried again in vpn,always fail.

I modify the password to remove special caracter in this case french accent "é" include in the password.
Result lgin succesfull.
I put the accent again in the password and login fail.

I don't test every type of caracters but I recommand my users to avoid any french accent in the password.

best regard

0 REPLIES 0
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.