I have a problem with FortiClient VPN 7.4.0.1658 version
I need connect to the VNP server in local network.
My computer with the client do not have internet access.
When I am trying to connect I can observe warning message in FortiVPN_1.log:
fortivpn::StateMachine::HandlePreflight_EnvironmentCompliance environment does not permit VPN connections: No Internet.
In state: TunnelConnectAborted
I do not need internet to connect to the VPN, because the server is in local network.
During startup I can observe in this log:
fortivpn::INetworkAvailability_impl::Get LAN is available, Internet is not available
Is it possible to configure the client to not use the internet, but only local network to connect to the VPN server?
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I think I found the solution :)
1. Backup the config.
2. Change
<disable_internet_check>1</disable_internet_check>
to
<disable_internet_check>0</disable_internet_check>
3. Now it works (tested on 7.2 but similar option is in 7.4 too)
Hello @grzesieks7
What about web SSL VPN mode, did you try?
Is this a valid option for you?
BR
Hello Ndumaj,
I didn't try SSL VPN, because I need IPSEC there. I was hoping that somebody knows how to disable internet connection checking in Forticlinet VPN. Unfortunately I have not been able to figure out how the Forticlient checks the internet connection.
I was observing the traffic and I cannot see any traffic to check the internet connection nor to connect to the VPN server.
I am sure that the problem is with Forticlient because other client works without any problems.
Best Regards,
Grzesiek
No one had similar problem?
I tried to use the 7.2 version and I found in debug log:
[2024-08-27 13:36:02.3969315 UTC+01:00] [2388:3572] [FortiVPN 42 debug] fortivpn::INetworkAvailability_impl::Get LAN is available, Internet is not available
[2024-08-27 13:36:02.3970816 UTC+01:00] [2388:3572] [FortiVPN 184 debug] fortivpn::IDataManager::LoadEnvironmentalData leave
[2024-08-27 13:36:02.3970858 UTC+01:00] [2388:3572] [FortiVPN 141 debug] fortivpn::IDataManager::LoadVPNEnvironmentalData
[2024-08-27 13:36:02.3971033 UTC+01:00] [2388:4972] [FortiVPN 166 debug] fortivpn::IDataManager::SetEPCState env_before (not initialized) {"just_installed":true,"trial_mode":false,"bypass_internet_check":false,"network_state":{"lan_available":true,"internet_available":false},"is_quarantined":false,"suppress_vpn_notifications":false,"on_os_start_connect_has_priority":false,"vpn_is_running":false,"single_user_mode":false,"autoconnect_on_offnet_only":false,"autoconnect_on_config_install":false,"keep_running_max_tries":-1,"keep_running_delay":0,"power_resume_autoconnect_delay":5,"user_login_autoconnect_delay":0,"epc_state":0,"power_suspending":false}
[2024-08-27 13:36:02.3971153 UTC+01:00] [2388:4972] [FortiVPN 167 debug] fortivpn::IDataManager::SetEPCState env_after (not enabled) {"just_installed":true,"trial_mode":false,"bypass_internet_check":false,"network_state":{"lan_available":true,"internet_available":false},"is_quarantined":false,"suppress_vpn_notifications":false,"on_os_start_connect_has_priority":false,"vpn_is_running":false,"single_user_mode":false,"autoconnect_on_offnet_only":false,"autoconnect_on_config_install":false,"keep_running_max_tries":-1,"keep_running_delay":0,"power_resume_autoconnect_delay":5,"user_login_autoconnect_delay":0,"epc_state":-3,"power_suspending":false}
[2024-08-27 13:36:02.3971343 UTC+01:00] [2388:4972] [FortiVPN 170 debug] fortivpn::IDataManager::SetEPCState Global environment changed
[2024-08-27 13:36:02.3971452 UTC+01:00] [2388:4972] [FortiVPN 54 debug] fortivpn::StateMachine::AddEvent type=12 (GlobalVPNEnvironmentChanged)
It looks like there is an option allowing bypass internet check. Unfortunately I am not able to find it. I looked at all VPN config functions, keys in registry, but still no luck.
Connection is stable. Problem is default config of the forticlient. It tests the internet connection - for 99,9% usage scenarios it is fine, because you are using internet to connect to the company form home, but mine case is different
I think I found the solution :)
1. Backup the config.
2. Change
<disable_internet_check>1</disable_internet_check>
to
<disable_internet_check>0</disable_internet_check>
3. Now it works (tested on 7.2 but similar option is in 7.4 too)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1546 | |
1030 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.