Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
truongphan
New Contributor

Created on ‎09-29-2022 12:53 PM

Can't access web mode access SSL-VPN

I have lab on EVE-NG setup SSL-VPN when access web mode from client then I can't access web

 

Capture11.PNG

Labels:
410
0 Kudos
2 REPLIES 2
truongphan
New Contributor

Created on ‎09-29-2022 12:53 PM

This is topo

topo.PNG

409
0 Kudos
Markus_M
Staff
Staff

Created on ‎09-29-2022 02:26 PM

Hi Truong,

 

the error says it on screen: Cipher mismatch. The FortiGate and the Browser do not speak the same security protocol and fail to negotiate a TLS/SSL tunnel.

Either your browser or FortiGate is ancient or your FortiGate is set up to not use strong-crypto or only allow older TLS versions.

On CLI you can search for it:

show | grep crypto -f

show | grep TLS -f

show | grep SSL -f

Respective options might have to be changed. A good idea to do so. Above error message only appears when one of the clients isn't speaking up-to-par encryption standards for some reason.

 

 

Best regards,

 

Markus 

398
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.