Some debug info:
- sslvpn:739 Login successful
- main:1112 State: Configuring tunnel
- vpn_connection:1263 Backup routing table failed
- main:1412 Init
Things I tried:
1- reinstall FortiClient
2- disable ufw firewall
How can I solve that?
Ubuntu 22
FortiClient free 7.0.0.0018
Version 6.4.0.0851 works on Ubuntu 22.04 after installing libindicator7. The latest versions 7.0.0.18 doesn't work. Tried it with deb installation and with apt installation.
This is the solution that has worked in my case using ubuntu 22.04 and forticlient 7.0.3.
First, Forticlient tries to flush the DNS cache with the 'systemd-resolve' program which no longer exists in Ubuntu 22.04 (it has been replaced by 'resolvectl').
So we create a script '/usr/bin/systemd-resolve' with the following content:
#!/bin/bash
declare -a arguments
for i in "$@"; do
arguments+=(${i:2})
done
resolvectl ${arguments[@]}
sleep 10
Forticlient executes the command 'systemd-resolve --flush-caches' which the script transforms into 'resolvectl flush-caches'. Without the final 'sleep' in my case it kept failing. With this most of the time the VPN connection works
Created on 03-24-2023 04:47 AM Edited on 03-26-2023 11:26 PM
It worked for me but after a certain duration the internet stops working for few seconds. It keeps happening after a certain period. Looks like its happening because of the sleep.
Created on 05-04-2024 05:36 AM Edited on 05-04-2024 05:39 AM
I find the same thing - it works but then every now and then the connection hangs. By adding some debug statements to the script (to dump various diagnostics to a log file), I was able to confirm that the times when the connection hangs are indeed when the script is being executed (every 2 minutes), and also, the script is executed by the same /opt/forticlient/vpn process every time -- both at the startup of the VPN connection (when the sleep is needed) and at later times (when it gets in the way). I was able to modify omartinm's script so that the sleep is only executed if the script is run less than 1 minute after the start time of the parent process. This seems to have solved the problem.
!/bin/bash
declare -a arguments
get_start_t() {
date -d "$(ps -o lstart= $1) " +%s
}
ppid=$(ps -o ppid= $$)
agediff=$(expr $(get_start_t $$) - $(get_start_t $ppid))
for i in "$@"; do
arguments+=(${i:2})
done
resolvectl ${arguments[@]}
if [ $agediff -lt 60 ]
then
sleep 10
fi
As a reminder, this needs to be installed as /usr/bin/systemd-resolve (with execute bit set).
I can't yet be sure whether some process other than forticlient might try to call the script, causing some kind of odd behaviour. So far so good, but if it arises, it might be possible to further adapt the script to detect the command line of the parent process, and do something different if it is not being called by /opt/forticlient/vpn .
This didn't work for me, but based on it, I just did:
cp /usr/bin/resolvctl /usr/bin/systemd-resolve
There was no /usr/bin/systemd-resolve file present before copying resolvctl to it. The Forticlient VPN is now working as expected, instead of terminating the connection and logging the backup routing problem.
Xubuntu 22.04 with Forticlient VPN 7.0.7.0246.
This actually stopped working after a while - either after a reboot or after something else was updated, not exactly sure what. Will try the solution linked by Sadullah below.
In the meantime, I've just been using openforticlient.
Hey @JayWH may be it's funny =), but after a while my solution stopped working and now I tried yours, that works for me. It's message is that we should help each other more lol.
Created on 10-24-2023 06:22 PM Edited on 10-24-2023 06:22 PM
Worked perfect for me! Thanks!!
i have the same problem with an additional behavior, if i connect the pc to wifi via mobile usb tethering it works, but if i connect the pc direct to lan it did not work. none of the above suggestions have worked. Any ideas?
Unfortunately, nothing here fixed the issue for me. I'm now on Mint 21 (based on Ubuntu 22.04) and I've already got the latest version of Forticlient VPN and the latest versions of libappindicator1 and libindicator7. I've reinstalled all three, but it still won't connect. "vpn_connection:1263 Backup routing table failed" is the error I keep getting. Any ideas?
UPDATE: Since writing the above, I've now come into the office and am on a different WiFi network, and when I woke my computer, FortiClient connected! I've no idea what's different on this network, but it always used to work on the other one too. I'll see if it reconnects when I'm next online at home.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.