Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Fortigate-VM Evaluation copy. Can't test SSL VPN Client setup

Hello   I installed FortiGate-VM v 6.2 and 5.6.9 (Both Evaluation Copies) on VMware Workstation. As instructed in multiple tutorial videos (Cookbook and Youtube), I configured SSL VPN on them to test client access.   Problem-1: When trying to test the SSL VPN functionality https://<external_IP>:10433 is fails with error like SSL_ERROR_NO_CYPHER_OVERLAP  (Firefox) or similar error message about SSL version mismatch when using other browsers.   - I know, evaluation copies have some limitation, like Low encryption only (no HTTPS administrative access) - Some threads talk about using old Web browsers for TLS version to overcome the problem.   I tried to enable TLS 1.0 ans SSL 2.0 in old IExplorer ver 7 that come with Windows XP,  it did not help!   [<font][style="background-color: #3366ff;"]Question[/style]: Any idea, whether it's possible or not at all to test SSL VPN Client with evaluation copies ?   Problem-2: Installed an Offline version of FortiClient VPN 6.2 on a Win 7 Desktop, it failed to connect,                    it stacks at 40% SSL-VPN connection.

                   Debug shows me "[style="background-color: #999999;"]SSL_accept failed, 1:no shared cipher[/style]" 

                   FortiGate-VM Evaluation Setup:

                      reqclientcert       : disable                                                                                                                 tlsv1-0             : [<font][style="background-color: #ffff99;"]enable[/style]                                                                                                                  tlsv1-1             : enable                                                                                                                  tlsv1-2             : enable 


I am not a customer and I do not have Certificates for that, just home Lab. How to bypass this issue for testing                purposes ?   Thank you

Top Kudoed Authors