Hello
I updated my FortiClient today on my Mac with 10.8.5. When I try to log in using Remove Access I now get the above error message.
How do I correct?
Or can I download the older version ( 5.0.6) that worked fine with Remove Access.
Thanks
Tim
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
It appears that MAC OS 10.9 and above will have OS and browser support for TLS v1.2.
https://discussions.apple.com/thread/5128209?start=0&tstart=0
http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.2
Option 1
To download FotiClient v5.0.6, login to support.fortinet.com and click "Download" -> "Firmware Images" -> Select "FortiClient" in the drop down list. Then browse to v5.0.6 FCT download.
Option 2
The default FortiGate configuration is as follows for the TLS negotiation on v5.2.2 of the FortiOS. If you would like to keep the latest FCT software installed you can disable TLSv1-2 in the CLI on the FortiGate and the max negotiation that will occur with the FCT will be v1.1.
config vpn ssl settings set tlsv1-0 enable set tlsv1-1 enable set tlsv1-2 enable end
Let me know if this helps.
Best Regards,
-Robin.
It appears that MAC OS 10.9 and above will have OS and browser support for TLS v1.2.
https://discussions.apple.com/thread/5128209?start=0&tstart=0
http://en.wikipedia.org/wiki/Transport_Layer_Security#TLS_1.2
Option 1
To download FotiClient v5.0.6, login to support.fortinet.com and click "Download" -> "Firmware Images" -> Select "FortiClient" in the drop down list. Then browse to v5.0.6 FCT download.
Option 2
The default FortiGate configuration is as follows for the TLS negotiation on v5.2.2 of the FortiOS. If you would like to keep the latest FCT software installed you can disable TLSv1-2 in the CLI on the FortiGate and the max negotiation that will occur with the FCT will be v1.1.
config vpn ssl settings set tlsv1-0 enable set tlsv1-1 enable set tlsv1-2 enable end
Let me know if this helps.
Best Regards,
-Robin.
As Robin mentioned, FortiClient 5.2.3 on Mac OS X 10.9 or 10.10 supports TLS 1.2.
In a future release of FortiClient (say, 5.2.4), FortiClient on Mac OS X 10.8 will use TLS 1.0 to establish connection, if the FortiGate enables it.
Hi,
I can confirm that the solution posted by Robin works perfectly...
Note that in the Forticlient 5.4 and OS X 10.8.x, the problem is the same but the error message is slightly different (just "Cannot connect to VPN server" in place of TLS v1.2 error...) but the Robin's solution works also ;)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1734 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.