Dear all, I am moving from SSL VPN to Ipsec, which I have not had any problems with with the Notebooks, the problem I have had is with the Android client which does not have SHA256 security, has anyone had the same problem?
Hi SuperCanal
I have FCT 7.4.3 and when creating IPsec with IKEv2 it supports SHA-256 up to SHA-512. While the same version IKEv1 doesn't offer above SHA-128.
Same for FCT VPN (free version).
Thanks, yes we realized, the problem now we have is that when we try to connect to the VPN and it asks us for two-factor authentication, which is through authenticator, when we exit the application to enter the number it is as if the VPN closes, we do not know if we have to enable something in the EMS profile
Hello @Supercanal
Perhaps you can edit the EMS profil to open the Azure authentication for the MFA challenge in an external browser — additional options in 7.4.3 EMS version
I have already tested on Windows devices but not on Android so I am not certain of the result
Let me tell me if it can help you or not
Hello @Supercanal
There are few limitation with forticlient Ipsec android, the major one is Ipsec does not support combining multiple authentication methods. For example, you cannot have a VPN that uses both PSK and SAML SSO sign in methods simultaneously. This limitation comes from the built-in VPN client API.
This doc would be helpful for you : https://docs.fortinet.com/document/forticlient/7.4.0/android-administration-guide/189805/creating-an...
Thanks
User | Count |
---|---|
2534 | |
1351 | |
795 | |
641 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.