Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Ivanildo_Galvao
New Contributor

Forticlient VPN, IPSEC with certificate

I configured an IPSEC VPN tunnel on the Fortigate 200E, so that users can access the network remotely using Forticlient. Authentication will be by certificate and not by pre-shared key. I downloaded the Fortinet_SSL certificate from Fortigate itself, converted it to PFX together with the private key, using OpenSSL, then installed it on a computer and tried to connect to the VPN, it doesn't connect and a message appears asking "to check the network connection and pre-key shared " In the Fotigate logs, I see authentication error in Phase1. Is the procedure I adopted right, or was something missing?

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3

Ivanildo Galvão Consultor de Tecnologia MCP, MCT, MCSA, VSP, VTSP, ITIL V3
1 REPLY 1
boneyard
Valued Contributor

i would setup a CA and have that create a client certificate. reusing the built in FortiGate certificate probably wont work (is not a client cert and perhaps not a CA) and is not a good idea in general.

Labels
Top Kudoed Authors