Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
TZ1
New Contributor

Created on ‎08-01-2024 12:01 AM Edited on ‎08-01-2024 12:03 AM

Installed the new update (7.4.4) since then - no VPN possible - permission denied (- 455)

Hi, the subject explains everything.

 

This morning I installed the newest update. Since then noone can start a vpn-connection. Me neither - and I am sure, that my logon is correct. And the others can't be all wrong also.

 

Everything else works, and in the office I can logon as administrator - everything looks fine.

The LDAP-Server is running, and hasn't been changed at all, not even rebootet.

 

I rebootet the FortiGate again, just in case - didn't help.

 

We use FortiTokens, but it is not asking for the token - already a problem with the logon.

 

Any Ideas?

Labels:
1729
0 Kudos
1 Solution
Anthony_E
Community Manager
Community Manager

Created on ‎08-01-2024 12:04 AM

Hello,

 

Could you please have a look at this discussion?:

 

https://community.fortinet.com/t5/Support-Forum/SSL-VPN-Failure-Permission-Denied-455-after-update-t...

 

Regards,

Anthony-Fortinet Community Team.

View solution in original post

1720
4 REPLIES 4
Anthony_E
Community Manager
Community Manager

Created on ‎08-01-2024 12:04 AM

Hello,

 

Could you please have a look at this discussion?:

 

https://community.fortinet.com/t5/Support-Forum/SSL-VPN-Failure-Permission-Denied-455-after-update-t...

 

Regards,

Anthony-Fortinet Community Team.
1721
rbraha
Staff
Staff

Created on ‎08-01-2024 12:08 AM

Hi @TZ1 

Are you using LDAPs port 636 on your FGT or plain ldap port 389?

If yes maybe this KB will help.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-LDAPS-connections-no-longer-work-after-upd...

 

If not try to run the below debug commands on FGT CLI:

 

diag debug cons time enable

diag debug application fnbamd -1

diag debug application sslvpn -1

diag debug enable

1713
TZ1
New Contributor
In response to rbraha

Created on ‎08-01-2024 12:56 AM

Hi, It is 636.

 

In Name - Servername - IP/Name - IP-address.

Looks good so far, but if I activate Server Identity Check it looses contact to the server.

 

Fortinet.png

1697
0 Kudos
rbraha
Staff
Staff
In response to TZ1

Created on ‎08-01-2024 03:22 AM

The server identity check option is used when enable/disable  against its certificate and subject alternative name(s).

1671
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.