FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mkatary
Staff
Staff
Article Id 208031
Description

There is a known behavior of MacOS Monterey forticlient not able to connect not able to connect to Fortigate over SSL-VPN. 

 

This article describes that this issue will appear for users using free FortiClient VPN version.

Scope

Confirm TLS 1.3  is enabled on FortiOS.

 

Xheck fortitray.log and search for the below error.

 

20220323 14:05:37 [FortiTray:INFO] VpnManager.swift:611 VPN connecting


20220323 14:05:37 [FortiTray:EROR] VpnManager.swift:388 Failed to get tunnel provider's return code
20220323 14:05:37 [FortiTray:INFO] VpnManager.swift:604 VPN disconnected
20220323 14:06:27 [FortiTray:INFO] VpnManager.swift:787 Start VPN: viking-river
20220323 14:06:27 [FortiTray:INFO] VpnManager.swift:611 VPN connecting
20220323 14:06:27 [FortiTray:DEBG] vpnconnection.mm:540 Server URL: https://92.43.224.11:10443
20220323 14:06:28 [FortiTray:INFO] VpnManager.swift:1397 Input request type: USER_INPUT_REQUEST_INVALID_CERTIFICATE
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:215 ApiEncMethod: 0
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:217 ApiRemoteAuthTimeout: 30
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:219 ApiServerSalt: 3414a8b1
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:220 flag: 223
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:314 Send authentication request
20220323 14:06:28 [FortiTray:INFO] sslvpn.cpp:506 Authentication passed
20220323 14:06:29 [FortiTray:DEBG] vpnconnection.mm:400 Stop process.
20220323 14:06:29 [FortiTray:INFO] VpnManager.swift:1475 Notification: Cancel input
20220323 14:06:29 [FortiTray:INFO] sslvpn_bridge.mm:71 Login successful
20220323 14:06:29 [FortiTray:INFO] sslvpn.cpp:575 Login successful
20220323 14:06:29 [FortiTray:INFO] VpnManager.swift:1183 Inherit proxy settings
20220323 14:06:29 [FortiTray:INFO] VpnManager.swift:1217 Setup proxy exceptions
20220323 14:06:31 [FortiTray:DEBG] AppDelegate.swift:151 Reload config
20220323 14:06:31 [FortiTray:EROR] ConfigManager.swift:1522 Config file "/Library/Application Support/Fortinet/FortiClient/conf/epctrl.plist" not exist
20220323 14:06:31 [FortiTray:INFO] VpnManager.swift:611 VPN connecting
20220323 14:06:31 [FortiTray:EROR] VpnManager.swift:388 Failed to get tunnel provider's return code
20220323 14:06:31 [FortiTray:INFO] VpnManager.swift:604 VPN disconnected

Solution

Use the FortiClient version 6.4.6 (download from infosite).

 

FortiClientVPN_6.4.6.1378_OnlineInstaller.dmg  

 

Contributors