FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.


When using a dialup IPsec VPN from the iOS VPN client, when using certificate authentication, the VPN may fail with the error "Could not validate the server certificate". 

Expectations, Requirements
When using certificate authentication for iOS dialup IPsec VPN, the CN in the FGT's certificate must be its IP address or its resolvable FQDN. If this is not the case, you may get the above error message.