Does the latest FortiOS (v7.4.4) support FTM-Push for IPSEC authentication? I see a number of posts in this community on this topic that indicate this is not supported with older revisions of the FortiOS. If this is a supported method to authenticate an IPSEC remote connection, I have an issue where the IPSEC connection process does not wait for the FTM-Push to be either received or approved. As such, a connection cannot be established with this enabled.
Hello @smithas,
The IPsec VPN should be able to connect if FTM-Push is configured, and the following bug is fixed in 7.4.4:
564920 IPsec VPN fails to connect if ftm-push is configured.
Ref(Page: 48): https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/bf54b01b-12e2-11ef-8c42-fa163e...
Yes, from the release note it appears that specific issue was fixed. In this case, with the FTM-Push enabled, the IPSEC authorization sequence does not pause/wait for the token request to be pushed to the user. Due to this, the VPN tunnel is dropped rather quickly, and then the pushed token request will pop up on the device (too late). I have looked and cannot find any configurable parameters that define a wait time for the authorization sequence for the token push approval. Maybe this is still a problem with the latest FortiOS.