In our office, we use IPSec VPN for users to tunnel into our office network, to enable users to WFH. We have a few users who have reported that their FortiClient VPN clients (Windows 10 clients) credentials have started disappearing randomly.
What I have narrowed down so far - 1. Client attempts a connection, but cancels the attempt before the OTP is keyed in (or before the connection is completed) 2. Client either shuts down or restarts their computer while the VPN connection was "ON". 3. Client system's Windows update happens and it restarts the laptop or desktop even though the VPN was disconnected, the VPN client loses the user credentials.
4. In a few random instances, it just disappears for no reason what-so-ever.
We have upgraded all the clients to use FortiClient v7.0.2.0090 for connecting into the office, to reduce any cross-version compatibility issues.
FortiClient installation path (C:\Program Files\FortiClient) and FortiClient binaries have already been added to antivirus exclusion paths (Kaspersky/Microsoft Defender).
However, The credentials still randomly disappear.
Yup, it's configured to save login and password. I have noticed, however, when the client "forgets" the credentials, if i go to the registry key HKCU\Software\Forticlient\IPSec\Tunnels\<tunnel_name>, the "save_username" key is always 0 and however many times change it to 1 and restart, the setting changes to 0.