Hello
I'm trying to authenticate remote vpn clients by certificate only. Ive found youtube video that shows how to prepare certificates (this is ssl vpn example). I did everything needed for this to work... i wished.
Unfortunately my FortiClient wont connect. After enabling debug in FC and click 'connect' I get this:
2017-07-10 22:28:11 Debug VPN pki_get_mycert() name = testcert CA 2017-07-10 22:28:11 Debug VPN AuthDaemon. Message in pipe 2017-07-10 22:28:11 Debug VPN AuthDaemon. CSP_AND_CERTNAME 2017-07-10 22:28:11 Debug VPN AuthDaemon. Certificate returned 2017-07-10 22:28:11 Debug VPN pki_get_mycert() return mycert null !!!! 2017-07-10 22:28:11 Notice VPN ike_cfg_gw_init failed check the vpn gateway configuraiton 2017-07-10 22:28:13 Debug VPN AuthDaemon. Message in pipe 2017-07-10 22:28:13 Debug VPN AuthDaemon. Got Quit message. 2017-07-10 22:28:13 Debug VPN authentication finished
Client machine is Windows10, i have installed client (testcert) certificate, also 'server' and CA in desperation but with no luck (either on local user/machine accounts).
There is no traffic between client and FG. When I switch to preshared key authentication I can see ike debug results on my FG.
Any help would be appreciated.
ios5.6
fc5.6
ps. this is my first FortiGate unit...
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.