Hope you are all fine. I have an issue with the FortiClient. I'm building a lab for a project that I will deploy. I tried to deploy a Remote Access VPN (SSL VPN) on a VM edition of the Fortigate, but it is not working with me.
When I try to connect, I get the error below:
Unable to establish the VPN connection. The VPN server may be unreachable. (-5)
FGT-HOME-LAB # show vpn ssl settings config vpn ssl settings set ssl-min-proto-ver tls1-0 set servercert "Fortinet_Factory" set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1" set tunnel-ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1" set port 4434 set source-interface "port2" "port3" set source-address "all" set source-address6 "all" set default-portal "full-access" config authentication-rule edit 1 set groups "MyUsers" set portal "full-access" next end end
FGT-HOME-LAB # show firewall address SSLVPN_TUNNEL_ADDR1 config firewall address edit "SSLVPN_TUNNEL_ADDR1" set uuid 00ea0dce-57ea-51eb-bd4d-c24551dfe778 set type iprange set associated-interface "ssl.root" set start-ip 10.212.134.200 set end-ip 10.212.134.210 next end
FGT-HOME-LAB # show vpn ssl web portal full-access config vpn ssl web portal edit "full-access" set tunnel-mode enable set ipv6-tunnel-mode enable set web-mode enable set auto-connect enable set keep-alive enable set save-password enable set ip-pools "SSLVPN_TUNNEL_ADDR1" set split-tunneling-routing-address "Internal_Network" set ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1" config bookmark-group edit "gui-bookmarks" next end next end
FGT-HOME-LAB # show | grep -f MyUsers config user group edit "MyUsers" <--- set member "user1" next end
Also, TLS1.0, TLS1.1 and TLS1.2 are enabled in my Internet Options only.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.