CacheClean plugin not recognized by Firefox (for SSL VPN)

horinius · ‎07-04-2013

Recently, there' s a problem with the " CacheClean" plugin in Firefox. When we use Firefox to log in, it always says: Fortinet SSL VPN Client CacheClean plugin is not installed on your computer or it is not up-to-date. The plugin will automatically clean your firefox cache, downloads, history, cookies, passwords and form data when you log off your SSLVPN session. Click here to download and install it. After the installation, please restart Firefox and try to login again. We download and install the CacheClean plugin but after login, we are presented the same message again. Our Fortigate 80c firmware version is v4.0, MR2 Patch 15 (aka 4.2.15) and the CacheClean plugin comes from the Fortigate. The plugin version is 4.0.2250 What is the solution? Thanks in advance PS: IE has been broken since about a year that I had to recommend Firefox to everybody. But now even Firefox is not compatible with Fortigate' s SSL website, that' s really annoying.

rwpatterson · ‎07-04-2013

You missed the important question: What version of Firefox?

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

horinius · ‎07-04-2013

Oh :D Version 22.0 (but I think ver 21 already had this problem)

rwpatterson · ‎07-04-2013

Damn... I' m still back on 3.6.x (because it works!). Anyway, have you dug through the release notes? Usually they will tell you what versions it' s compatible with. By the way, the below came from the release notes from 5.0.2, page 29:

I know it' s not tunnel mode, but the two are usually closely connected.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

horinius · ‎07-04-2013

Versions 18 - 20 of Firefox all work with SSL VPN web page in firmware 4.2.15. It' s just version 22 which breaks it. Because of all the changes and vulnerabilities, I cannot ask my users to stay in FF 3.6.x IE 10 is totally unusable wrt SSL VPN. Maybe I should upgrade firmware from 4.2.15 to 5.0.2? Is there any trade-off? Any trap to avoid? Any performance issue? Thanks

rwpatterson · ‎07-04-2013

If all you are using is the SSL VPN portion, skip the browser and use the client from Windows directly. Much simpler and is independent of browsers.

Bob - self proclaimed posting junkie!
See my Fortigate related scripts at: http://fortigate.camerabob.com

horinius · ‎07-04-2013

Yeah, I will definitely be going to change the whole VPN access procedure. Currently, users are asked to use our VPN webpage as entry point. But it' s been broken again and again in the last 3 years. Very annoying. One reason why users are asked to use that webpage as entry point because the VPN client setup is provided natively for download. I' m going to put the the client setup in our company website -- hope I' m not infringing any Fortinet policy.