- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: Forticlient in Windows 10
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Forticlient in Windows 10
Hi,
We have updated to Windows 10 and now our Forticlient does not work. It say's that we are connected, but we cannot ping / reach any hosts.
log:
5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] buf size = 65540, ptr = 0, space = 65540 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] len = -1 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl -> SSL_ERROR_WANT_READ 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl return 0 bytes, read after timeout 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [tunnel_loop_read_socket] wait for socket event 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: wait for socket event timeout, try to do a read 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] buf size = 65540, ptr = 0, space = 65540 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] len = -1 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl -> SSL_ERROR_WANT_READ 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl return 0 bytes, read after timeout 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [tunnel_loop_read_socket] wait for socket event 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: wait for socket event timeout, try to do a read 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] buf size = 65540, ptr = 0, space = 65540 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [SSL-IN] len = -1 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl -> SSL_ERROR_WANT_READ 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: poll_recv_ssl return 0 bytes, read after timeout 5/27/2016 11:34:08 AM Debug VPN FortiSslvpn: 5040: [tunnel_loop_read_socket] wait for socket event
4 REPLIES 4
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm pretty sure you have the well known Win10 DNS routing problem.
Try to set the metric on the LAN/WiFi adapter to be higher (15) than the one windows assigns to the VPN (11). Do the same on your IPv6 settings when it's not disabled.
If you still have the problem, then add this 2 registry keys to disable the new "feature" in Windows 10. The DNS resolver sends DNS requests in parallel to all available network interfaces and uses the fastest reply to come.
Key: HKEY_LOCAL_MACHINE\Software\Policies\Microsoft\Windows NT\DNSClient Value: DisableSmartNameResolution Data: 1 Key: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Dnscache\Parameters Value: DisableParallelAandAAAA Data: 1
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thank you for answering!
I tried it both, but unfortunately it does not work.
I did some research and it seems that when I uninstall my Cisco VPN Client that Forticlient works. But if Cisco VPN Client is installed only the Cisco Client works. We need both installed.
Hope you have a solution for this!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
So we uninstalled everything again and installed only Forticlient, but it doesn't work anymore.
It say's connected, but I cannot ping any host
This is the log:
6/1/2016 4:20:25 PM Debug VPN (repeated 31 times in last 62 sec) FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:26 PM Notice VPN date=2016-06-01 time=16:20:25 logver=1 type=traffic level=notice sessionid=27567360 hostname=xxxx uid=6C1D176241D44F2A83DF898BA273D6C8 devid=FCT8000501172583 fgtserial=N/A regip=N/A srcname=sslvpn srcproduct=N/A srcip=xxxx srcport=N/A direction=outbound destinationip=xxxx remotename=N/A destinationport=443 user=xxxx proto=6 rcvdbyte=90194314045 sentbyte=42949675317 utmaction=passthrough utmevent=vpn threat=connect vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 10 Professional Edition, 64-bit (build 10586)" usingpolicy="" service= url=N/A userinitiated=0 browsetime=N/A 6/1/2016 4:20:26 PM Notice VPN id=96600 msg="SSLVPN tunnel status" vpnstate=connected vpntunnel="xxxx" vpntype=ssl 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: CSvlauncherDlg::InitFortiSslvpn() Called. 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: CSvlauncherDlg::InitFortiSslvpn(): Daemon is running 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: SslvpnAgent: before connect pipe 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: SslvpnAgent: before create file 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: SslvpnAgent: ActiveX connected to SslvpnDaemon 6/1/2016 4:20:26 PM Debug VPN FortiSslvpn: CSvlauncherDlg::InitFortiSslvpn(): SslvpnAgent initialized successfully 6/1/2016 4:20:28 PM Debug VPN FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:35 PM Debug VPN (repeated 4 times in last 8 sec) FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:38 PM Debug VPN FortiSslvpn: CSvlauncherDlg::DisconnectFortiSslvpn() Called. 6/1/2016 4:20:38 PM Notice VPN FortiSslvpn: 12188: Ras: connection to fortissl terminated 6/1/2016 4:20:38 PM Debug VPN FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:40 PM Notice VPN date=2016-06-01 time=16:20:39 logver=1 type=traffic level=notice sessionid=27567360 hostname=xxxx uid=6C1D176241D44F2A83DF898BA273D6C8 devid=FCT8000501172583 fgtserial=N/A regip=N/A srcname=sslvpn srcproduct=N/A srcip=xxxx srcport=N/A direction=outbound destinationip=xxxx remotename=N/A destinationport=443 user=xxxx proto=6 rcvdbyte=90194327562 sentbyte=42949688469 utmaction=passthrough utmevent=vpn threat=disconnect vd=N/A fctver=5.4.0.0780 os="Microsoft Windows 10 Professional Edition, 64-bit (build 10586)" usingpolicy="" service= url=N/A userinitiated=0 browsetime=N/A 6/1/2016 4:20:40 PM Debug VPN FortiSslvpn: HttpOpenRequest(): hReq=NULL, URL=/remote/logout, LastError=6 6/1/2016 4:20:40 PM Debug VPN FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:41 PM Debug VPN (repeated 1 times in last 2 sec) FortiSslvpn: CSslvpnBase::RefreshConnection() Called. 6/1/2016 4:20:42 PM Debug VPN FortiSslvpn: SslvpnAgent: Closed pipe instance 6/1/2016 4:20:44 PM Debug VPN FortiSslvpn: CSslvpnBase::RefreshConnection() Called.
( The xxxx are normally ip addresses / user etc.)
Hopefully you can help us!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
The registry keys don't work for Windows 10, only Windows 8.
For Windows 10, you can use GPO to deactivate the feature. Follow the steps below to do this:
[ol]-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
-DDSkier FCNSA, FCNSP FortiGate 400D, (2) 200D, (12) 100D, (2) 60D
Related Posts
- Office 365 FortiSIEM 39 Views
- Vulnerability path information in Diagnostic Logs 38 Views
- How to allow access from internal... 159 Views
- FSSO and Windows Event 4776 66 Views
- SSL VPN Split DNS configured according... 90 Views
Labels
-
FortiGate
6,782 -
FortiClient
1,345 -
5.2
801 -
5.4
639 -
FortiManager
582 -
FortiAnalyzer
427 -
6.0
416 -
5.6
362 -
FortiSwitch
348 -
FortiAP
348 -
FortiClient EMS
275 -
FortiMail
266 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
163 -
6.4
128 -
FortiNAC
113 -
FortiGuard
108 -
FortiSIEM
92 -
FortiGateCloud
88 -
IPsec
88 -
FortiCloud Products
85 -
FortiToken
74 -
SSL-VPN
71 -
Customer Service
70 -
4.0MR3
64 -
Wireless Controller
62 -
FortiProxy
47 -
FortiADC
44 -
FortiEDR
42 -
Fortivoice
41 -
SD-WAN
35 -
FortiExtender
34 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiSandbox
33 -
FortiSwitch v6.4
30 -
Firewall policy
30 -
FortiAuthenticator
24 -
High Availability
24 -
FortiConnect
24 -
VLAN
23 -
FortiWAN
22 -
FortiConverter
21 -
ZTNA
20 -
FortiPortal
18 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
Certificate
16 -
SAML
15 -
DNS
15 -
FortiMonitor
14 -
BGP
14 -
LDAP
14 -
Interface
14 -
Logging
14 -
FortiGate v5.0
13 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
VDOM
12 -
fortilink
11 -
RADIUS
10 -
Authentication
10 -
Virtual IP
10 -
FortiRecorder
10 -
FortiWeb v5.0
9 -
SSL SSH inspection
9 -
Traffic shaping
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
SSID
8 -
Fortigate Cloud
8 -
SSO
8 -
Application control
8 -
FortiGate v4.0 MR3
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
Admin
7 -
4.0
7 -
IP address management - IPAM
7 -
Security profile
6 -
FortiBridge
6 -
SNMP
6 -
Web application firewall profile
6 -
Web profile
6 -
Proxy policy
5 -
Traffic shaping policy
5 -
FortiAP profile
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
IPS signature
4 -
Packet capture
4 -
Antivirus profile
4 -
Automation
4 -
WAN optimization
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Port policy
4 -
FortiToken Cloud
3 -
DoS policy
3 -
Email filter profile
3 -
Web rating
3 -
Intrusion prevention
3 -
FortiDB
3 -
trunk
3 -
FortiDeceptor
2 -
System settings
2 -
FortiInsight
2 -
NAC policy
2 -
Fortinet Engage Partner Program
2 -
Users
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
VoIP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Protocol option
2 -
4.0MR1
1 -
TACACS
1 -
Replacement messages
1 -
Subscription Renewal Policy
1 -
Schedule
1 -
FortiCWP
1 -
FortiNDR
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
Fabric connector
1 -
Multicast routing
1 -
Explicit proxy
1 -
Zone
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.