Hi All,
Not sure if this is the correct place to ask, but i hope someone might be able to assist.
In our current configuration, we are using Forticlient 6.0.3. They connect to a FortiGate 61E using SSL VPN.
Some of our users are getting issues, that when they are working from home, they cannot access our company's network.
We have multiple people with the same problem.
Below is one of many issues we are facing at the moment:
Person is in the office. Connects to our WIFI, which is not part of our internal network. Connects SSL VPN and is compliant. Can access our internal network.
Person is at home. Connects to their home WIFI, which is not part of our internal network. Connects via SSL VPN and is compliant. Can not access our internal network.
We are also facing below issue:
Person is at home. Connects to their home WIFI, which is not part of our internal network. Connects via SSL VPN and is compliant according to the client and the admin portal from Fortigate. Can not access our internal network.
If i start a internet browser on above client, it states that it is not compliant and that it has detected Forticlient version "0.0.0".
Hope someone is able to assist, as this it pretty critical. Makes working from home impossible.
Solved! Go to Solution.
This has been resolved for us when we updated FortiOs to version 6.0.6
According to support:
Please be informed that I have found a well known issue on Fortigate known issue number: 0521645 that is related to traffic over sslvpn with compliance enabled. This issue is already resolved in FortiOS versions 6.0.5 and 6.2.1.
We don't use the Compliance feature but the SSL VPN is rock solid for us. Whether that's using FortiClient or one of the Linux SSL VPN clients. What version of code is the FortiGate running?
Hi,
FortiGate is running on FortiOs version: FortiOS v5.6.8 build1672 (GA)
it is very strange as, some users(not all) reported that the next day for example, it is working again from home.
Yesterday i had a colleague who was working from home. good WIFI signal. Started VPN and made connection, everything went fine. FortiClient showed he was compliant. I checked Fortigate admin panel - under Forticlient Monitor and it showed he was compliant. I open a browser and the forticlient page pops up stating that it is not compliant because it detected version 0.0.0. We have it set so people need to have version 6.0.2. This person has version 6.0.3 so it should work. He also tried this through hotspot via phone. Same story.
In the end i couldn't fix the VPN issue......
Today, i am checking this same user, and he is working fine through VPN today. No changes have been made on either our side or the user's side.
Sounds like a compatibility issue between FortiGate OS and the FortiClient version. I'll see if there's a compatibility chart somewhere.
Apologies if I'm suggesting stuff you've already done but is Compliance via SSL VPN actually enabled on the FortiGate?
This procedure does not include all settings needed to configure a working SSL-VPN.
Hi Steve,
This is all configured properly. Just checked. We do have people who connect fine and stay connected for a longer time. On the other hand, we also have people who can't connect with previously stated issues.
To note. Everyone is running FortiClient 6.0.3 as it is deployed to them.
Incidentally we had some web filtering related issues that were introduced in 6.0.3 which were fixed in 6.0.5 and we don't even use web filtering! Perhaps give 6.0.5 a try on a test machine. There is also a critical vuln in 6.0.3 that's fixed in .5
Hi Steve,
Since the crit vuln. is fixed in 0.5, it will be good for us to update all the clients. I did test 0.5 for these specific issues already though. For one user it did solve it, for the other user it didn't. The user where the update did not fix the issue, came in the office the next day, stating that the vpn worked in the evening from home. I updated it in the morning.
Its really difficult to identify the issue, as clients with problems one day, work the other day and decide to not work the day after again. on the other hand, some clients have no issues at all. I will test FortiClient 6.0.5 though and see if this one gives more stability.
You seeing this on both MacOS and Windows?
Currently we have no MacOS devices where the FortiClient is installed on.
All our devices are HP Laptops running Windows 7 Professional 64 Bit. We do have around 4 to 5 machines running on Windows 10 Pro 64 bit.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.