Hello,
My Fortigate VM isn't syncing with FortiToken Cloud. When I try to synchronize using "exec fortitoken-cloud sync local," it fails :
"FGVMEV167DQDX5F5 # exec fortitoken-cloud sync local
Cannot retrieve user information from FortiToken Cloud!
Command fail. Return code -1"
After investigating, I found the issue lies in the SSL handshake not completing between the Fortigate and FortiToken Cloud. The SSL minimum protocol version is currently set to TLSv1:
"FGVMEV167DQDX5F5 (global) # get | grep ssl-min-proto-version
ssl-min-proto-version: TLSv1 "
I need to change this to TLSv1.2, but the option isn't available :
"FGVMEV167DQDX5F5 # config system global
FGVMEV167DQDX5F5 (global) # set ssl-min-proto-version
SSLv3 SSLv3.
TLSv1 TLSv1.
FGVMEV167DQDX5F5 (global) #
"
Any help or solution would be appreciated.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @Hamza_derbali ,
When i look at your serial number. I see you use an eval license.
The eval license has some limitations about encryption. Because of that, you can't activate TLS 1.2 on your unit.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/441460
Hello @Hamza_derbali ,
When i look at your serial number. I see you use an eval license.
The eval license has some limitations about encryption. Because of that, you can't activate TLS 1.2 on your unit.
https://docs.fortinet.com/document/fortigate/7.4.3/administration-guide/441460
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1527 | |
1020 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.