- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Forticlient Blank Screen on Fedora Linux
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forticlient Blank Screen on Fedora Linux
Hey,
I am obligated to use Forticlient VPN for my workplace. Unfortunately, whenever I try to open the Forticlient GUI, I get a completely blank screen. The navigation menu on the top loads fine, I can press file which gives me an option to quit the application (and nothing else), and I can press Help which gives me two links to documentation that don't help me in this situation. The program itself doesn't load however.
Does anyone have an idea how to solve this issue? I just tried to install the rpm-package from the VPN-only client. I guess it may be specifically designed for CentOS only? If so, is there any way to get it working on Fedora?
My terminal output doesn't give me a lot:
[sjoerd@lennart ~]$ forticlient
Fontconfig warning: "/usr/share/fontconfig/conf.avail/05-reset-dirs-sample.conf", line 6: unknown element "reset-dirs"
Platform detected: fedora
[ '/usr/lib/opt/forticlient/gui/FortiClient-linux-x64/FortiClient' ]
did-finish-load
window-all-closed
I'm running Fedora Silverblue with the latest base image from the 3th of June 2022 if that helps anyone.
Kind regards,
Sjoerd
Labels:
- Labels:
-
FortiClient
- « Previous
-
- 1
- 2
- Next »
13 REPLIES 13
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you tried either?
https://github.com/theinvisible/openfortigui
https://github.com/adrienverge/openfortivpn
Kind of a last resort if the Fortinet products don't work on your machine, in my opinion, but some people like these projects more.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am having the same issue on Fedora Silverblue 38 (black GUI app, `fortivpn` CLI always gets an error). Forticlient VPN `7.0.7.0246`.
I was able to debug and understand the issue.
Forticlient has a system service and clients such as CLI and GUI, they communicate via an HTTP API.
One of forticlient service components, `confighandler`, is responsible for accepting connection from clients; upon receiving a request it will try to identify the calling process (by looking through `procfs`) and verify it is a 'forticlient' process. It does that by comparing process executable path with `/opt/forticlient` which it should match exactly from the beginning. Security you may ask... just cringe.
This check is not true on `rpm-ostree` systems because of the way `rpm`s in `/opt` are implemented (installed into `/usr/lib/opt/`) and even beside that - `/opt` is a symlink to `/var/opt`.
I was able to patch the binary to amend the check into looking for `/opt/forticlient` substring in the client binary path and clients indeed started working (UI now loads and CLI works).
All in all - I still can't use the bloody Forticlient. Turns out it doesn't even work on regular Workstation (38) (with SSO/SAML - doesn't connect fully) and it didn't on Silverblue.
For SAML/SSO you can use `openfortivpn` CLI by logging in manually in the browser and specifying the cookie to the client.
P.S.
To rant and vent a bit more - there are so many things wrong with Forticlient...
1. It is not normal to deliver files to `/opt` in a package manager delivered SW (rpm/deb)! If you package it - it should go into `/usr` directly (at least that's a Debian policy which makes it very clear). This would have avoided the problem.
2. Why that client 'check'? Does it achieve anything, seriously? This would have avoided the problem.
3. Oh, and the server components (running as root) look for a user DBus session to do something with it. I'm sorry, but WTF!? You have a 'client' (GUI or CLI which runs as user) to do it for god sake!
4. `confighandler` still tries to write something to `/opt/forticlient/` - `fctinstalled.tm` file. I believe it does not fail if it can't, but nevertheless.
5. None of installed binaries are available in PATH (although there is a CLI program) - see bullet 1.
TLDR - We're all better off using openfortivpn and other open clients.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I had the same "blank GUI" problem on Fedora Silverblue 39, and I was able to work around it by simply running:
sudo /opt/forticlient/vpn -s vpn.fqdn.com -u username -p
And that somehow worked with the inputted password, no GUI required.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It won't work for us due to 2FA. I have another laptop with FC38, and forticlient_vpn_7.0.10.0346_x86_64.rpm works just fine. Still haven't got a clue as to why forticlient_vpn on my fc37 laptop just gives a white screen. Annoying as hell.
The older laptop has low resolution display, while my work laptop has HiDPI. Maybe that is the reason...
--
torel
torel
--torel
- « Previous
-
- 1
- 2
- Next »
Related Posts
- About Restoring the FortiClient Backup Configuration... 142 Views
- FortiClient Azure SSO VPN issues 125 Views
- Fortiproxy BSOD Netio.sys 158 Views
- FortiClient certificate warning on Linux 608 Views
- SAML Azure configuration for FortiClient authentication 318 Views
Labels
-
FortiGate
6,532 -
FortiClient
1,304 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
414 -
5.6
362 -
FortiSwitch
333 -
FortiAP
333 -
FortiClient EMS
263 -
6.2
251 -
FortiMail
242 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
150 -
6.4
128 -
FortiNAC
106 -
FortiGuard
102 -
FortiSIEM
88 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
69 -
Customer Service
69 -
4.0MR3
64 -
SSL-VPN
60 -
Wireless Controller
58 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
SD-WAN
24 -
Firewall policy
23 -
FortiConnect
23 -
FortiWAN
22 -
FortiConverter
21 -
VLAN
20 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
Routing
12 -
FortiAuthenticator
12 -
FortiCASB
12 -
Interface
11 -
Logging
11 -
FortiGate v5.0
10 -
LDAP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
Virtual IP
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
SSL SSH inspection
6 -
Security profile
6 -
Authentication
6 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
Traffic shaping policy
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
IPS signature
3 -
packet capture
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Intrusion prevention
3 -
Automation
3 -
DoS policy
3 -
Port policy
3 -
FortiDB
3 -
FortiDeceptor
2 -
FortiInsight
2 -
NAC policy
2 -
VoIP profile
2 -
Antivirus profile
2 -
Web profile
2 -
Traffic shaping profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Fortinet Engage Partner Program
2 -
trunk
2 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
FortiPAM
1 -
Application signature
1 -
Multicast routing
1 -
Authentication rule and scheme
1 -
Zone
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.