Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
huud
New Contributor III

FortiClient VPN connection error..

Hi,

 

I'm trying to connect the Client to a VPN Tunnel to use internet, this error keeps popping up when attempting to connect via Remote Access in FortiClient: The server you want to connect requests identification, please choose a certificate and try again. (-5).

 

My Debug:

 

FortiGate-VM64 # [131:root:6]allocSSLConn:276 sconn 0x7f5f8640e800 (0:root) [131:root:6]SSL state:before/accept initialization (192.168.90.50) [131:root:6]SSL_accept returned 0. [131:root:6]Destroy sconn 0x7f5f8640e800, connSize=0. (root) [131:root:7]allocSSLConn:276 sconn 0x7f5f8640e800 (0:root) [131:root:7]SSL state:before/accept initialization (192.168.90.50) [131:root:7]SSL state:SSLv3 read client hello A (192.168.90.50) [131:root:7]SSL state:SSLv3 write server hello A (192.168.90.50) [131:root:7]SSL state:SSLv3 write certificate A (192.168.90.50) [131:root:7]SSL state:SSLv3 write server done A (192.168.90.50) [131:root:7]SSL state:SSLv3 flush data (192.168.90.50) [131:root:7]SSL state:SSLv3 read client certificate A (192.168.90.50) [131:root:7]SSL state:SSLv3 read client key exchange A:system lib(192.168.90.50) [131:root:7]SSL state:SSLv3 read client key exchange A:system lib(192.168.90.50) [131:root:7]SSL_accept returned 0. [131:root:9]Destroy sconn 0x7f5f86410800, connSize=0. (root)

 

I have tried most of what is online possibilities, disabled certificates in CLI, SSLv3, matched it with TLS1.1, and 1.2 in Internet Explorer as well, still same error.

 

I know it's certificate related but I'm using a VM of the Firewall, not sure how to get by it..

 

Thank You

4 REPLIES 4
Cloud
New Contributor

Is your FortiVM licensed ? or you are using eval version?

 

Best Regards,

Marcin

huud
New Contributor III

Its an eval VM..

Cloud
New Contributor

Hello,

 

Eval VM has a lot restrictions. 

One of thoes is that you cant use encryption, so if you cant use encryption you cant either use tunneling feature. 

 

Hope I helped.

 

Best Regards,

Marcin

huud
New Contributor III

Definitely did help, as I spent days trying to troubleshoot the issue..

 

Thank You Very Much

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors