Fortinet Community

Tazio · ‎09-08-2022

Hi,

I many users who are using FortiClient since we migrated to FortiGate 100F.

One user has not been able to connect and he gets the following error message.

I have tried his laptop and used my credentials and it works fine which means there is no problem on FortiClient side.

I have done a reset of his password in DC. Still not working.

Is there a way i can see what is happening when he is trying to connect like a debug or any lg I can check on my FortiGate 100F?

Please see attached file.

He has only to put his username and password.

Thanks in advance

Tazio

jhussain_FTNT · ‎09-09-2022

Hi Tazio,

Kindly capture the below logs

diagnose vpn ssl debug-filter src-addr4 x.x.x.x ----where x.x.x.x is the public IP address on the client side

diagnose debug app sslvpn -1
diag debug application fnbamd -1

diagnose debug cons time en

diagnose debug enable

to stop the debug

diag debug disable

Regards

Jamal

View solution in original post

jhussain_FTNT · ‎09-09-2022

Hi Tazio,

Kindly capture the below logs

diagnose vpn ssl debug-filter src-addr4 x.x.x.x ----where x.x.x.x is the public IP address on the client side

diagnose debug app sslvpn -1
diag debug application fnbamd -1

diagnose debug cons time en

diagnose debug enable

to stop the debug

diag debug disable

Regards

Jamal

Tazio · ‎09-09-2022

Hi Jamal,

You save my day.

I did the debug and found the issue.

We also just introduced MFA with DUO platform and we tested the MFA when I was doing migration to FortiGate and everything was fine but then I bypassed all used because we are waiting a little bit to go live with DUO. This was the only user that I missed to bypass.

Everything working like a charm.

Thanks again.

Tazio

Fortinet Community

FortiClient not working for one user on Windows 10