Unable to connect to VPN on windows 10 via prelogon, get an 628 error.
- Windows 10 1803
- Forticlient 6.0.4.0182
- Fortigate 301E Firewall
- LDAP authentication
- Connecting to VPN within windows is successful.
- Trying to connect to VPN before windows 10 logon ( just comes up with an error 628)
Has anyone else experienced this? or have any advice on how to resolve?
Hi,
Just want to inform, we are seeing the exact same problem.
FortiClient 6.0.4
Fortigate 200E
RADIUS Auth.
VPN within windows is working flawless.
We have a valid public certificate on the firewall.
VPN before windows logon shows error 628.
Im starting a support case tomorrow on this. And I'll inform here if I find a workaround.
Please also do the same. Thanks.
Atomizer wrote:Im starting a support case tomorrow on this. And I'll inform here if I find a workaround.
Please also do the same. Thanks.
Did you get anywhere with this? Seeing the same here.
Chris
Sorry for not getting back.
Fortinet Support was not able to fix the problem, and we ultimately ended up not using the feature. :(
Their only solution was to use Legacy mode, which changed the look and feel of the feature to something that our customer would not accept.
If you want to refer to the case its this one: 3086347
Pasted the answer from the support case:
<use_legacy_vpn_before_logon> -- [1]
<use_windows_credentials> ------ [2]
<use_legacy_vpn_before_logon> -- [3]
<vpn>
<options>
<current_connection_name>a.b.c.d</current_connection_name>
<current_connection_type>ipsec</current_connection_type>
<autoconnect_tunnel />
<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>
<keep_running_max_tries>0</keep_running_max_tries>
<save_password>0</save_password>
<minimize_window_on_connect>1</minimize_window_on_connect>
<allow_personal_vpns>1</allow_personal_vpns>
<disable_connect_disconnect>0</disable_connect_disconnect>
<show_vpn_before_logon>1</show_vpn_before_logon> <----------------- 1
<use_windows_credentials>1</use_windows_credentials> <-------------- 2
<use_legacy_vpn_before_logon>1</use_legacy_vpn_before_logon> <---- 3
<show_negotiation_wnd>0</show_negotiation_wnd>
<vendor_id />
</options>
</vpn>
Could you clarify "Their only solution was to use Legacy mode, which changed the look and feel of the feature to something that our customer would not accept." How did the look and feel change?
I have a customer with the same issue. Uninstalled it, reinstalled, repaired it, no change.
Has anyone opened a ticket with Fortinet and seen a workaround?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.