Hi All,
Not sure if this is the correct place to ask, but i hope someone might be able to assist.
In our current configuration, we are using Forticlient 6.0.3. They connect to a FortiGate 61E using SSL VPN.
Some of our users are getting issues, that when they are working from home, they cannot access our company's network.
We have multiple people with the same problem.
Below is one of many issues we are facing at the moment:
Person is in the office. Connects to our WIFI, which is not part of our internal network. Connects SSL VPN and is compliant. Can access our internal network.
Person is at home. Connects to their home WIFI, which is not part of our internal network. Connects via SSL VPN and is compliant. Can not access our internal network.
We are also facing below issue:
Person is at home. Connects to their home WIFI, which is not part of our internal network. Connects via SSL VPN and is compliant according to the client and the admin portal from Fortigate. Can not access our internal network.
If i start a internet browser on above client, it states that it is not compliant and that it has detected Forticlient version "0.0.0".
Hope someone is able to assist, as this it pretty critical. Makes working from home impossible.
Solved! Go to Solution.
This has been resolved for us when we updated FortiOs to version 6.0.6
According to support:
Please be informed that I have found a well known issue on Fortigate known issue number: 0521645 that is related to traffic over sslvpn with compliance enabled. This issue is already resolved in FortiOS versions 6.0.5 and 6.2.1.
Not sure what else to suggest, personally I'd raise a support ticket with Fortinet at this point.
We have also done this already.
My colleague was on the phone with them for 3 hours. They did some DNS changes, which they reverted back as well.(i assume it did not help, hence the revert)
In the end they advised us to reinstall Windows on the problematic devices. Which in my opinion, is not a solution.
Wanted to share it here, incase someone might have seen this before and has a possible solution.
Re-install Windows! That's a terrible solution, which is very unlikely to work. Do you have any other security software on the PC's that might be blocking FC? Perhaps try a vanilla install of Windows to see if that works.
Hi Steve,
On the Windows 7 machines we have Kaspersky running as the AV. Again, this runs on all the W7 machines, so the problematic ones, but also some of the good ones. I can try a Clean W7 install without AV, but i won't be able to get passed the compliance check. It is checking if a third party AV is installed. if not, the machine won't be compliant.
Perhaps try with the AV component of FortiClient enabled, that would be a good test as to whether it's the AV client causing the issue. You'd hope the compliance check would work perfectly when using FortiClient with AV enabled....
Will need to discuss if we can try this. I don't really have a lab environment too test in, if i change the setting to use Forti AV instead of a third party AV, it will be pushed to everyone i assume. This might raise up more issues.
I have same problem.
I'm using a Win7, 64 bit machine. Waiting for someone who can solve this problem.
I can connect through VPN but unable to access anything, even ping to the AD.
Preparing to reinstall Windows and start from scratch.
Will update the result later.
This has been resolved for us when we updated FortiOs to version 6.0.6
According to support:
Please be informed that I have found a well known issue on Fortigate known issue number: 0521645 that is related to traffic over sslvpn with compliance enabled. This issue is already resolved in FortiOS versions 6.0.5 and 6.2.1.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.