Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Anubhavk
New Contributor

Created on ‎07-07-2022 11:10 PM

FortiClient is getting disconnected after 5 seconds

Dear Team,

 

I have Fortigate 101F servicng as SSL VPN firewall. We are using forticlient to connect to SSL VPN. Out of 200 users 2 of them are facing issue, FOrtiClient get connected but disconnect immediately after 5 seconds. Here is the debug log please help.

 

7/7/2022 3:10:12 PM info system date=2022-07-07 time=15:10:11 logver=1 id=96900 type=traffic subtype=system eventtype=traffic level=info uid=A39433206A3A4C9AA65EDA98C08C079D devid=F**** hostname=L***** pcdomain=abc.IN deviceip=192.168.1.103 devicemac=**-**-**-** site=N/A fctver=7.0.5.0238 fgtserial=F****** emsserial=N/A os="Microsoft Windows 10 Enterprise Edition, 64-bit (build 18362)" user=abc@abc msg="Traffic log" sessionid=2918467934 srcname=sslvpn srcport=0 direction=outbound dstip=X.X.X.X dstport=443 proto=6 rcvdbyte=34359738368 sentbyte=64424509768 utmaction=passthrough utmevent=vpn threat=disconnect userinitiated=0 browsetime=0
7/7/2022 3:11:20 PM info sslvpn FortiSslvpn: 22644: fortissl_connect: device=ftvnic
7/7/2022 3:11:21 PM info sslvpn FortiSslvpn: 7628: PreferDtlsTunnel=0
7/7/2022 3:11:24 PM error sslvpn FortiSslvpn: 23492: error: poll_recv_ssl -> SSL_get_error(): 5
7/7/2022 3:11:24 PM error sslvpn FortiSslvpn: 23492: error: poll_recv_ssl -> WSAGetLastError():2745
7/7/2022 3:11:24 PM info sslvpn FortiSslvpn: 23492: error: polling recv, try:1

Thanks

Labels:
16341
0 Kudos
11 REPLIES 11
Anthony_E
Community Manager
Community Manager

Created on ‎07-10-2022 09:47 PM

Hello Anubhavk,

 

Thank you for using the Community Forum.

I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

 

Regards,

Anthony-Fortinet Community Team.
12369
0 Kudos
btan
Staff
Staff

Created on ‎07-11-2022 08:30 PM

Hi Anubhavk,

 

Are you using free version of FortiClient?

This "info" level logging result shows only generic error message.
You may enable debug level logging for more helpful logs.

 

As it only happens on 2 out of 200 users, I suspect below:

-Is there any third party SSLVPN adapters on the 2 PCs? They may cause conflict

-Is there any third party Antivirus software that may cause conflict? Run CMD command:

WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List
-Go to Internet Options > Connections > LAN Settings and uncheck Use a proxy server for your LAN

-Try disabling IPv6 in Network connection setting

 

Regards,
Bon
12358
0 Kudos
Anubhavk
New Contributor
In response to btan

Created on ‎07-13-2022 02:36 AM

Please find below the network adaptor snapshots.

Anubhavk_1-1657704919039.png

WMIC /Node:localhost /Namespace:\\root\SecurityCenter2 Path AntiVirusProduct Get displayName /Format:List

Anubhavk_2-1657704979955.png

Proxy setting and IPv6 already disabled. Please share your email ID to send debug logs

12324
0 Kudos
btan
Staff
Staff
In response to Anubhavk

Created on ‎07-13-2022 02:44 AM

Is it possible to temporary disable Symantec antivirus software and retry?
Do all other PCs have Symantec installed as well?

Regards,
Bon
12320
0 Kudos
ebujedo
Staff
Staff

Created on ‎07-12-2022 12:24 AM

Hi Anubhavk,

 

Enabling this debug on the FortiGate side may provide more information:

show vpn ssl settings

diag debu console timestamp enable

diag debug app fnbamd -1

diag debug app sslvpn -1

diag vpn ssl debug-filter src-addr4 <client-public-ip>

diagnose debug enable

 

Regards.

 

Ezequiel.

Staff
12349
0 Kudos
Anubhavk
New Contributor
In response to ebujedo

Created on ‎07-13-2022 01:53 AM Edited on ‎07-13-2022 02:38 AM

Please find attached logs. Client connects and gets SSL VPN IP but ther is no data transfer. snapshot how can I email you logs?

Anubhavk_3-1657705120195.png

 

 

12328
0 Kudos
ebujedo
Staff
Staff
In response to Anubhavk

Created on ‎07-26-2022 01:55 AM

Hi Anubhavk,

For further analysis of these logs please open a ticket with Fortinet support.
https://support.fortinet.com

Best regards.

 

Ezequiel Bujedo

Staff
12231
0 Kudos
Anubhavk
New Contributor
In response to ebujedo

Created on ‎07-26-2022 11:57 PM

Its free version of FortiClient so support will not be provided.

I opened case ticket #7342674 for FortiGate firewall but no luck.

12208
0 Kudos
AEK
Honored Contributor II

Created on ‎07-12-2022 03:20 PM

Do these 2 clients have anything special? Like a different OS version or different FCT version?

AEK
AEK
12338
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.