On FortiClient 7.2.4, SSLVPN will not connect if the local machine has no Internet connection.
It appears that FortiClient checks Windows Network Level Awareness (NLA) to see if there is a working Internet connection. However, this breaks airgapped setups where:
1. the endpoint is airgapped with no Internet connectivity (hence Windows NLA will report No Internet)
2. the FortiGate is intranet-only (not exposed to the Internet)
FortiClient will refuse to initiate a connection thinking that there is no working connection, but FGT is reachable.
Previous versions of FC (7.0.11) seem to work alright, just not the 7.2.x branch.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello everyone,
The same thing with us, we come from FortiClient 7.2.0 which actually worked quite well except that the Azure SAML authentication was only remembered when the auth opened in the external browser.
The FortiClient 7.2.3 then caused serious DNS problems for us (even without an active VPN), as it is very inconspicuously stated in the release notes.
The update to 7.2.4 fixed the DNS problem but now we also have various connection problems.
1. 0% - 40% - 0%
or
2. 100% short traffic then disconnect
or
3. Clicked connect but nothing happened
Another problem is the automatic software deployment of the client and the fact that there is no coherent install and uninstall concept which actually automatically deletes all application components, disconnects from the EMS, cleans up the configuration and removes virtual drivers even during a deinstallation.
Or are there silent command line parameters for the FCRemove.exe?
It would at least be very helpful for bug fixing if the uninstallation went well.
I opened a ticket with Fortinet, the logs are currently being checked.
Greetings
Michael
Same issue for us as @Michael_Heinrich , but for 3 users (of 40) so far. Pushed out 7.2.4 this weekend and have 3 critical users unable to VPN in. No clear fix in sight, super frustrating.
Dear Fortinet Community,
after intensive research and experimentation, I would like to share a possible solution for the issues with FortiClient 7.2.4. It seems that a clean uninstallation and reinstallation of FortiClient can resolve the problem. However, it is important to ensure that the uninstallation not only occurs through the standard application but also that all application data and registry values of the FortiClient user are removed.
To achieve this, I recommend using the FCRemove.exe tool, specifically designed for the clean removal of FortiClient. However, it is important to note that the standard uninstallation is executed in the admin context and therefore typically does not remove the user data completely.
After attempting to find a way to automate FCRemove.exe, I am pleased to announce that I have succeeded.
With the following two script lines, the FortiClient can be shut down first, and then the FCRemove.exe can be automatically executed as an administrator:
"%ProgramFiles%\Fortinet\FortiClient\fortitray.exe" --shutdown
"%~dp0fcremove_x64.exe" --silent
However, the downside is that the computer restarts unexpectedly, which is certainly not ideal.
I kindly appeal to Fortinet developers to provide the appropriate silent parameters or to develop an uninstallation mechanism that allows customers to cleanly reinstall the product.
I will also endeavor to develop a corresponding script in parallel, which I will be happy to share here.
Thank you to everyone who is working to bring this excellent product back into the limelight!
Best regards from Würzburg,
Michael Heinrich
Hello,
Possible to share the xml config file from the Forticlient.?
To export - Free FCT GUI - Settings button - Click Backup to export the xml file.
BR
Hello everyone,
Fortinet has done a great job with the new version 7.2.5, addressing many of the previous issues. The DNS problems that occurred in version 7.2.3 no longer exist in 7.2.5. The various connection issues we experienced in earlier versions also seem to have been resolved.
I hope FortiClient continues to be developed with this level of quality and that bugs are fixed more swiftly in the future.
Best regards,
Michael
When you upgraded to version 7.2.5 did you do a full uninstall first like you mentioned in the script?
"%ProgramFiles%\Fortinet\FortiClient\fortitray.exe" --shutdown
"%~dp0fcremove_x64.exe" --silent
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1733 | |
1106 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.