Hi,
We have an issue where the Fortinet Client VPN software cannot see the local computer certificate when launching the software as a standard user. The software can see the certificate when configuring the VPN settings but when the client is launched it cannot see the certificate. We think this is permissions related, the users are not local admins.
Thanks!
You need to enable the option for "Allow Non-Administrators to Use Machine Certificates". If you are using EMS to manage your clients, you can find the toggle under your VPN Tunnel's Advanced Settings located in your applicable Remote Access Profile.
Hi,
We do not use EMS. The client can see the certofocate when creating the profile but when selecting 'connect' the certificate does not show.
If you are not using EMS, to accomplish the same thing, just add the following line to the appropriate connection in the XML configuration on the client:
<allow_standard_user_use_system_cert>1</allow_standard_user_use_system_cert>
For example:
<vpn>
<sslvpn>
<connections>
<connection>
...
<allow_standard_user_use_system_cert>1</allow_standard_user_use_system_cert>
</connection>
</connections>
</sslvpn>
</vpn>
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1735 | |
1107 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.