Hello friends; A customer has a remote worker whose FortiClient (v7.0.2.0090) SSL-VPN connects & authenticates successfully every time with the office FortiGate 60E, and though the FortClient dialog box shows the proper 192.168.20.2 address from the SSL VPN address pool. Windows itself (via "ipconfig /all") has an 169.254.X.X autoconfiguration IPv4 address and no default gateway.
Unsurprisingly, nothing works: it shows bytes transmitted, but nothing received.
Disabling the AVG Enterprise desktop security software doesn't seem to make any difference, and I don't see anything in any log.
Apparently this started happening some weeks ago, but nobody can identify what changed. Oddly, sometimes it *does* work, but we can't find a pattern. Other remote workers don't seem to have this problem.
Would love some ideas for where to look.
~~~ Steve
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello SJFriedl,
Please check the thread, if you're using Windows 11, KB2693643 is not compatible with Windows 11.
https://community.fortinet.com/t5/Support-Forum/Windows-11-22H2-update-FortiClient-VPN-doesn-t-work/...
The solution is you need to uninstall (KB2693643), use the command "wusa /uninstall /kb:2693643" on the Command Prompt (opened as Admin). It will pop up for a "Yes" to confirm.
Once done connect the VPN and check.
https://techcommunity.microsoft.com/t5/windows-11/how-to-install-or-uninstall-rsat-in-windows-11/m-p...
https://www.windowslatest.com/2021/04/23/how-to-uninstall-windows-10-updates-manually/
It is happening again with the Jan update on Win 11 machines. Is there going to be a fix?
I only barely remember, but I went back through my emails and it appears to have been Windows 11, and my notes suggest that uninstalling the troublesome Windows Update didn't make any difference.
And for unrelated reasons, the customer replaced the laptop they were using, and given that I didn't hear of any problems after that, my suspicion is that the original computer just had general dorkage that will never be explained.
I'm sorry I didn't come back at the time to report this.
Hi @SJFriedl,
What is the OS of the client?
Mostly a uninstall of the FortiClient VPN and reinstalling fixes such kind of issues.
We did uninstall/reinstall. we reset the Forticlient NICs. the default route did not change in the route table and the IP was the generic unroutable 169.xxx.xxx.xxx. Uninstalling this month's update fixed the route table and also gave the correct IP. Installing the Jan update again creates the same problem. We don't want to block security updates from Microsoft, so this will be a growing issue as the month progresses. we are going to try an older version of the Forticlient and see if it is compatible until we can get a more permanent fix.
@smalls : what is the Version of Forticlient and Fortigate where its connecting.
Rather than downgrading the version try upgrading the version from 7.0.2 to 7.0.12 or 7.2.X
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1529 | |
1027 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.