Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
johnathan
Staff
Staff

Created on ‎07-29-2024 03:01 PM

Article Id 328921

Technical Tip: Unable to set the ‘client-auto-negotiate’ or ‘save-password’ option needed for Auto Connect to work for Remote Access IPSec

Description This article describes how to resolve a scenario where the user is unable to set up Auto Connect for the FortiClient on an IPSec tunnel, as certain options are not available.  
Scope FortiOS 7.x.x.
Solution

For ‘Auto Connect’ to work while using an IPsec tunnel, it could be necessary to set ‘client-auto-negotiate’ and ‘save-password’ 
to 'enable' under the Phase 1 config of the tunnel. 
 
When making a Remote Access IPsec tunnel using the default template on the FortiGate, it may have the option ‘set unity-support disable’ already set on that tunnel. 

 

If it is desired to enable the ‘Auto Connect’ feature, this is required to be on. 
Once this is changed, proceed to configure that option, and ‘Auto Connect’ should work as intended.

 

 
 
unsetUnity.PNG
874
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.