Forticlient SSL VPN not working on Ubuntu

Jack_T · ‎10-07-2021

Hi all,

I've installed the last version of Forticlient (7.0.0.0018) on my Ubuntu virtual machine (version 20.04.3)

I've setup a SSL VPN, but it's not working, I've receive two errors:

[ul]

[sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout

[sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel[/ul]

With the same credetials and settings I'm able to connect on a Windows machine

Anyone have encountered these errors? How can I fix the connection?

Thanks in advance,

Jack

boheee · ‎10-13-2021

Hi, I am having the same issue as well. Updated my fortigate to latest version and still unable to connect using Forticlient 7.0.1/ 6.4.4. The only way to connect in is to use openFortiGUI (https://hadler.me/linux/openfortigui/)...

However, I still wish to use official forticlient and so far it is not working. I have tried contacting support but they said it's my network/configuration setting.

I started a whole new VM of fortigate with no configs, only a SSL VPN setup and was also unable to connect in via forticlient.

```

20210929 22:29:30.101 [sslvpn:INFO] main:1412 Init 20210929 22:29:30.101 [sslvpn:INFO] main:370 Load profile: abcdefg.com 20210929 22:29:30.102 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:941 Load profile: abcdefg.com 20210929 22:29:30.112 [sslvpn:INFO] main:1112 State: Connecting 20210929 22:29:30.131 [sslvpn:INFO] main:1112 State: Logging in 20210929 22:29:30.131 [sslvpn:INFO] vpn_connection:1493 /remote/info 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:76 ApiEncMethod: 0 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:78 ApiRemoteAuthTimeout: 30 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:80 ApiServerSalt: 34a43608 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:81 flag: 223 20210929 22:29:30.462 [sslvpn:INFO] vpn_connection:1493 /remote/login 20210929 22:29:30.479 [sslvpn:INFO] vpn_connection:1493 /remote/logincheck 20210929 22:29:30.520 [sslvpn:INFO] sslvpn:336 Authentication passed 20210929 22:29:30.520 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn 20210929 22:29:30.539 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn_xml 20210929 22:29:30.563 [sslvpn:INFO] sslvpn:739 Login successful 20210929 22:29:30.586 [sslvpn:INFO] main:1112 State: Configuring tunnel 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel failed. 20210929 22:29:47.001 [sslvpn:INFO] vpn_connection:1493 /remote/logout 20210929 22:30:19.032 [sslvpn:INFO] sslvpn:751 Logout successful

```

View solution in original post

boheee · ‎10-14-2021

Hi Jack,

I am using the fortiOS from aws marketplace. Previously i was using the FortiOS v6.4.4 build1803 (ubuntu forticlients doesn't work) and i thought that it could be fortiOS. So i upgraded my fortiOS to FortiOS v7.0.1 build0157 (GA) (THIS IS THE LATEST PATCH).

Forticlient still does not work...

I actually have plans to purchase their forti-tokens to have 2FA for my forticlient but ubuntu forticlient cannot even work. I have been looking for solutions for ubuntu forticlient to get it to work but to no avail.

View solution in original post

boheee · ‎10-13-2021

Hi, I am having the same issue as well. Updated my fortigate to latest version and still unable to connect using Forticlient 7.0.1/ 6.4.4. The only way to connect in is to use openFortiGUI (https://hadler.me/linux/openfortigui/)...

However, I still wish to use official forticlient and so far it is not working. I have tried contacting support but they said it's my network/configuration setting.

I started a whole new VM of fortigate with no configs, only a SSL VPN setup and was also unable to connect in via forticlient.

```

20210929 22:29:30.101 [sslvpn:INFO] main:1412 Init 20210929 22:29:30.101 [sslvpn:INFO] main:370 Load profile: abcdefg.com 20210929 22:29:30.102 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:941 Load profile: abcdefg.com 20210929 22:29:30.112 [sslvpn:INFO] main:1112 State: Connecting 20210929 22:29:30.131 [sslvpn:INFO] main:1112 State: Logging in 20210929 22:29:30.131 [sslvpn:INFO] vpn_connection:1493 /remote/info 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:76 ApiEncMethod: 0 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:78 ApiRemoteAuthTimeout: 30 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:80 ApiServerSalt: 34a43608 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:81 flag: 223 20210929 22:29:30.462 [sslvpn:INFO] vpn_connection:1493 /remote/login 20210929 22:29:30.479 [sslvpn:INFO] vpn_connection:1493 /remote/logincheck 20210929 22:29:30.520 [sslvpn:INFO] sslvpn:336 Authentication passed 20210929 22:29:30.520 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn 20210929 22:29:30.539 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn_xml 20210929 22:29:30.563 [sslvpn:INFO] sslvpn:739 Login successful 20210929 22:29:30.586 [sslvpn:INFO] main:1112 State: Configuring tunnel 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel failed. 20210929 22:29:47.001 [sslvpn:INFO] vpn_connection:1493 /remote/logout 20210929 22:30:19.032 [sslvpn:INFO] sslvpn:751 Logout successful

```

Jack_T · ‎10-14-2021

Hi boheee,

thank for your answer

I've tried openFortiGUI too and I'm able to connect to the VPN, so I think the problem is the official client

Which version of FortiOS do you have? I've a Fortigate 90D with FortiOS 6.0.12

Regards,

Jack

boheee · ‎10-14-2021

Hi Jack,

I am using the fortiOS from aws marketplace. Previously i was using the FortiOS v6.4.4 build1803 (ubuntu forticlients doesn't work) and i thought that it could be fortiOS. So i upgraded my fortiOS to FortiOS v7.0.1 build0157 (GA) (THIS IS THE LATEST PATCH).

Forticlient still does not work...

I actually have plans to purchase their forti-tokens to have 2FA for my forticlient but ubuntu forticlient cannot even work. I have been looking for solutions for ubuntu forticlient to get it to work but to no avail.

Ofeky · ‎01-29-2022

Any updates regarding making FortiClient VPN working on Ubuntu 20.4
I'm having similar issue. the error I get in sslvpn.log file:

- vpn_connection:341 Load CA certificates failed
- vpn_connection:1133 Failed create SSL

- dns:277 No default device found. Skip.

- route:159 begin cleanup linux...

- route:161 clean up route...

- main:1457 exception: Failed create SSL

Note the certificate fail, though I marked Client Certificate=None.

Anaji · ‎10-23-2022

Open forticlient GUI.
Take note of the connection name (if you didn't create it yet, create it according to the above tutorial).
Open a terminal.
Type "fortivpn connect CONNECTIONNAME" (replace CONNECTIONNAME with the name of the connection you created earlier).
You will see a prompt, press "y" (this certificate is what's causing the issue in the GUI).You will receive a push notification on the app, approve it.
You can check the connection by typing "fortivpn status" or checking the GUI

PS. If fortivpn isn't recognized either add /opt/forticlient to the $PATH or substitute it with ./opt/forticlient/fortivpn

PSS. You will need to repeat steps 4-8 every time you need to connect.

Forticlient SSL VPN not working on Ubuntu

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website