Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Not applicable

Forticlient VPN and Verizon Air-Card

I have 4 users with the Verizon mobile broadband card and none of them can connect with the Forticlient VPN. The client connects with the Fortigate because I can see the logs on the firewall itself. Once it connects, it will not obtain an IP adddress; it just keeps spinning until it times out. If I put in a static IP address, it connects and obtains sets the IP address. However, the default gateway is automatically assigned as the IP Address + 1 (If I set 10.0.0.1 as the IP, it sets the gateway as 10.0.0.2). It will not allow me on the network, even though it' s connected. Is there anyone else out there that had issues with the Verizon cards connecting? Our local police use the Forticlient and the Verizon cards, so I know it works!!!
10 REPLIES 10
Not applicable

We use Verizon Air Cards as well and it' s been working fine for us with SSL VPN. One thing we initially had trouble with was that Outlook would not connect to Exchange when using an Air Card and SSL VPN. It would work fine if not using an Air Card for Internet. If you go to the options in the Verizon software, check the box for NDIS mode and this solved the issue for us.
Not applicable

I' m not sure if this makes a difference, but we are using IPSEC for the VPN tunnel. Checking the NDIS mode didn' t change anything. It' s definitely connecting to the Fortigate, it just won' t obtain an IP address. It works fine for any outside connection, just not with the air cards.
Not applicable

I can' t really speak much to IPSEC VPN as I' ve never done it on the Fortigates. With SSL VPN we had to give the SSL VPN DHCP range it' s own subnet (a different subnet than the Fortigate) in order for it to work correctly. Don' t know if that' s the case with IPSEC or not.
Not applicable

I read something about needing different subnets with previous software versions of the Fortigate software, but I have the latest version. I have 15 or so clients that work just fine. It' s only the air cards that give me an issue. They seem to connect and authenticate, but just won' t obtain an IP address. I' m just not sure if this is because of a setting in the firewall or the air card does something funky.
Not applicable

Grady - Just curious, what client are you using to connect to the fortigate?
Not applicable

I submitted this request to Fortinet tech support and the request went un-resolved. So, I ditched the IPSec and going with SSL and the SSL VPN Client. This works fine with the air cards.
Not applicable

Probably not much use now, but to answer your earlier question we use 3.0.384 for all of our users. When I use our VPN I usually use the web portal. As far as the Verizon client, most users are using the VZ Access Manager 6.10.10. Interesting problem you were having, I don' t have a clue what it was. In my opinion, SSL VPN is better than IPsec in most cases anyway.
Not applicable

I agree, the SSL connection is much simpler. I' m not thrilled about how the web portal requires all of those Java programs to run. It seems very resource heavy. I guess once you load it up for the first time it isn' t too bad.
Not applicable

Yeah, it' s a pretty big hassle getting all the java/activex/other nonsense installed the first time you connect using the web portal, but it' s very quick and easy every time after that. There is also a little mini SSL VPN application you can download and have your clients connect to VPN with if you don' t want to use the web portal.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors