Forticlient Connected but no bytes sent or received

pai · ‎01-09-2019

Hi

I am trying to connect to a vpn through forticlient installed in linux mint as a VM

The connection is successful but i didnt get the ip and the byte received and send are 0 .

Connection is successful when i tried from the host wndows machine another linux VM .

Log :-

01/09/2019 19:17:17 [1784] rcv cmd:1 at state[1] 01/09/2019 19:17:17 [1784] stopping ssl vpn tunnel[v4.0.2333] 01/09/2019 19:17:17 [1784] kill_child:1791 01/09/2019 19:17:17 [1784] kill_child:1789 01/09/2019 19:17:17 [1789] signal rcved, logout now 01/09/2019 19:17:17 [1789] ssl_write error return -1 01/09/2019 19:17:17 [1791] killing pppd ... 01/09/2019 19:17:17 [1791] kill_child:1793 01/09/2019 19:17:17 [1784] tunnel terminated 01/09/2019 19:17:17 [1815] begin cleanup linux... 01/09/2019 19:17:17 [1815] clean up route... 01/09/2019 19:17:17 [1815] truncate pppd.log 01/09/2019 19:17:17 [1815] truncate forticlientsslvpn.log 01/09/2019 19:17:17 [1784] ssl vpn tunnel stopped 01/09/2019 19:17:17 [1784] rcv cmd:2 at state[0] 01/09/2019 19:17:19 [1820] set the loglevel to 1 01/09/2019 19:17:19 [1820] sslvpn connection version:4.0.2333 01/09/2019 19:17:19 [1756] set the loglevel to 1 01/09/2019 19:17:19 [1820] rcv cmd:0 at state[0] 01/09/2019 19:17:19 [1820] starting ssl vpn tunnel[4.0.2333] 01/09/2019 19:17:19 [1824] route backup START 01/09/2019 19:17:19 [1824] Failed create backup file 01/09/2019 19:17:19 [1825] execl /home/pai/Vhl/vpn/forticlientsslvpn/64bit/./helper/get_fortisslvpn_info /home/pai/Vhl/vpn/forticlientsslvpn/64bit/./helper vpn.edited.com 443 ... 01/09/2019 19:17:19 [1825] trusted CA dir: /home/pai/.fctsslvpn_trustca 01/09/2019 19:17:19 [1825] set loglevel to 1 deleted the certificate portions

01/09/2019 19:17:22 [1825] realm is enabled: 01/09/2019 19:17:22 [1825] no Content-Length 01/09/2019 19:17:22 [1825] try to get cookie for the first time: 98 : SVPNNETWORKCOOKIE=; path=/remote/network; expires=Sun, 11 Mar 1984 12:00:00 GMT; secure; httponly 01/09/2019 19:17:23 [1825] no Content-Length 01/09/2019 19:17:23 [1825] cookie: SVPNCOOKIE=gQbPaJVfFh1whlc3Dx6vECyp3ijffr+myenqYzl2c2Cc5iHd/GlLOa6x9ruf 01/09/2019 19:17:23 [1825] no Content-Length 01/09/2019 19:17:23 [1825] no Content-Length 01/09/2019 19:17:23 [1825] 01/09/2019 19:17:23 [1820] ssl vpn tunnel started 01/09/2019 19:17:23 [1827] server=vpn.edited.com[vpn.edited.com] port=443[443] version=1 tunnel=10.11.10.10/255.255.255.255,10.11.1.0/255.255.255.0 cookie=gQbPaJVfFh1whlc3Dx6vECyp3ijffr+myenqYzl2c2Cc5iHd/GlLOa6x9rufH/KqeKDIVQT5Cn5ZzLz5b1WE+aNCweulwfXlUN8LHYNGwxLn5vFuWzmDLKkD7LelybVtLDOCmNlrCyHAr5F+wqjldfNUPOnJL8K+8Ur3VzHUHThgPnIEqy4s56uvIzaKtBYliWw3VPrZA== exclusive routing: 0

01/09/2019 19:17:23 [1827] starting pppd 01/09/2019 19:17:23 [1827] use tty:/dev/pts/1 01/09/2019 19:17:23 [1827] connecting to vpn.edited.com:443 01/09/2019 19:17:25 [1827] [xml config]: GET /remote/fortisslvpn_xml ... (received 983 bytes): HTTP/1.1 200 OK Date: Wed, 09 Jan 2019 08:17:25 GMT Server: xxxxxxxx-xxxxx Transfer-Encoding: chunked Content-Type: text/xml X-Frame-Options: SAMEORIGIN Content-Security-Policy: frame-ancestors 'self' X-XSS-Protection: 1; mode=block X-Content-Type-Options: nosniff Strict-Transport-Security: max-age=31536000

<?xml version='1.0' encoding='utf-8'?><sslvpn-tunnel ver='2' dtls='1' patch='1'><dtls-config heartbeat-interval='10' heartbeat-fail-count='10' heartbeat-idle-timeout='10' client-hello-timeout='10' /><tunnel-method value='ppp' /><tunnel-method value='tun' /><fos platform='FG100E' major='5' minor='06' patch='6' build='1630' branch='1630' /><client-config save-password='off' keep-alive='on' auto-connect='off' /><ipv4><assigned-addr ipv4='172.16.1.1' /><split-tunnel-info><addr ip='10.11.10.10' mask='255.255.255.255' /><addr ip='10.11.1.0' mask='255.255.255.0' /></split-tunnel-info></ipv4><idle-timeout val='3600' /><auth-timeout val='18000' /></sslvpn-tunnel> ----

01/09/2019 19:17:25 [1827] dns suffix:

01/09/2019 19:17:25 [1827] xml parsing split tunnel info 01/09/2019 19:17:25 [1827] xml parse split tunnel info success. Buffer length: 52 bytes

Please help

thanks

pai

pai · ‎01-09-2019

I just compared with the logs of the working machine .

"Got local address from ppp " is missing in the issue log

I think the issue is in getting ip .I am not sure why .

Kindly help

rgds

pai

SteveG · ‎01-10-2019

Are you connecting via IPSec VPN or SSL VPN? I'd run a TCPDUMP on the Mint box and filter on the VPN IP so you can 'see' what's going on. If it's IPsec you might find the local router is dropping protocol 50 which results in the situation you're describing.