Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
INT1
New Contributor III

IPSEC IKEV2 SAML SSO

Hello,

I hope everything everything good, im reaching out for help i've seen your solutions and that you have good knowledge in fortigate/forticlient we are having an isse with some forticlient on some windows laptops were we enter configs correct but its gets stuck on connecting or after i install the vs c++ redistributable it pops up but blank and after a while it shows to enter credentials for authentication and 2fa after that it disconnects on its own no error no nothing.

do you have any idea on what can be the problem cause im starting to think its a windows problem maybe a network adpater problem or something else 

1 Solution
INT1
New Contributor III

The issue has been solved it needed the VS C++ redistributable to be downloaded for the SSO pop to come up and for the disconnecting on its own just the credentials being saved(remove the SSO credentials from credntials manager)

View solution in original post

4 REPLIES 4
Shashwati
Staff
Staff

hello

please run the following command to collect log

di vpn ike log-filter clear

di vpn ike log-filter dst-addr4 [IP]

diag debug app ike -1
diag debug enable

 

diag debug disable   [run this to disable debug]

arahman
Staff
Staff

Hi, thanks for reaching out to us, it depends there could be multiple problems, have you tried changing the version of forticlient, is it happening on only one device or multiple device, is it just limited to happening on windows or you are seeing on any other device as well, and you will also have to see if the packet are coming on the fortigate with the sniffer command

diag sniffer packet any ' host <remote IP> and (port 500 or 4500) ' 4 0 l

and also run the ike debugs and saml debugs as shown above 

di vpn ike log-filter clear

di vpn ike log-filter dst-addr4 [Remote IP]

diag debug app ike -1

diag debug app samld -1
diag debug enable

and also make sure if you have multiple ipsec dialup tunnels to specify the peerID  

 

 

INT1
New Contributor III

hey, well its on some devices i tried different versions of forticlient some solve the problem some don't i will check the logs by doing the diagnos to see what's happening because there is no errors that are popping up even in event logs or forticlient logs

 

INT1
New Contributor III

The issue has been solved it needed the VS C++ redistributable to be downloaded for the SSO pop to come up and for the disconnecting on its own just the credentials being saved(remove the SSO credentials from credntials manager)

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors