We are deploying Forticlient VPN ver: 7.2.4.0138 to about 400+ Chromebooks and Chromeboxes.
We are trying to push out a Managed configuration with the deployment from Google Workspace.
The managed configuration requires a JSON file. We can find no reference for field/key names required for this nor what fields/keys absolutely have to be present for it to work. We have experimented with field/key names based on an export of a forticlient vpn from a windows machine with no success. We continue to receive the following error on our chrome devices. "Discarding policy for component app:com.fortinet.forticlient_vpn due to data validation failure: The JSON blob dictionary value doesn't contain the required Value field"
The client deploys without issue, the actual VPN works without issue when manually configured. We are not Fortinet customers, we have a 3rd party vendor who provides the VPN but has refused to help with the JSON configuration. Can anyone provide a reference/document that would contain the needed fields/keys? or Perhaps give a sample working JSON that we could modify for our own situation? If we could just get the JSON file to create the basics we could experiment/add from there.
The below is a variant of what we have tried, with many different variations for each(all giving the error listed above):
{
"Value": {
"vpn": {
"DisplayName": "Our Company VPN",
"VpnType": "SSL",
"Host": "remote.ourcompany.com",
"Port": 443
}
}
}
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
@Michael_Camp wrote:We are deploying Forticlient VPN ver: 7.2.4.0138 to about 400+ Chromebooks and Chromeboxes.
We are trying to push out a Managed configuration with the deployment from Google Workspace.
The managed configuration requires a JSON file. We can find no reference for field/key names required for this nor what fields/keys absolutely have to be present for it to work. We have experimented with field/key names based on an export of a forticlient vpn from a windows machine with no success. We continue to receive the following error on our chrome devices. "Discarding policy for component app:com.fortinet.forticlient_vpn due to data validation failure: The JSON blob dictionary value doesn't contain the required Value field"
The client deploys without issue, the actual VPN works without issue when manually configured. We are not Fortinet customers, we have a 3rd party vendor who provides the VPN but has refused to help with the JSON configuration. Can anyone provide a reference/document that would contain the needed fields/keys? or Perhaps give a sample working JSON that we could modify for our own situation? If we could just get the JSON file to create the basics we could experiment/add from there. urdu novels pdf download
The below is a variant of what we have tried, with many different variations for each(all giving the error listed above):
{
"Value": {
"vpn": {
"DisplayName": "Our Company VPN",
"VpnType": "SSL",
"Host": "remote.ourcompany.com",
"Port": 443
}
}
}
It seems like the JSON configuration you’re using is missing some required fields or might be incorrectly structured. The error indicates that the JSON blob doesn't contain the necessary "Value" field for the Forticlient VPN.
To resolve this, you can use a sample JSON configuration structure that aligns with what Google Workspace requires for deploying managed configurations.
Thank you for your response. I don't think this is a Google Workspace requirement issue. I know with the other apps we push out, the JSON keys/parameters are clearly defined in the documentation for those apps. For example our JSON file for Zoom is as follows: { "AutoLoginWithChromeBookUserAccount": true } . That is the simplest one, some are more complex but there are no over arching requirements other than to be in JSON format. So compared to other apps we push out, the keys/paramaters/requirements will be determined by forticlient_vpn ... which I can find no documentation for.
Not sure if it helps, but here is the XML version of our working setup::
<?xml version='1.0' encoding='utf-8'?>
<sslvpn-tunnel ver='2' dtls='1' patch='1'>
<dtls-config ver='2' heartbeat-interval='10' heartbeat-fail-count='10' heartbeat-idle-timeout='10' client-hello-timeout='10' />
<tunnel-method value='ppp' />
<tunnel-method value='tun' />
<tunnel-method value='websocket' />
<auth-ses check-src-ip='1' tun-connect-without-reauth='0' tun-user-ses-timeout='30' />
<client-config save-password='on' keep-alive='on' auto-connect='on' />
<ipv4>
<split-dns domains='domain-one.com,domain-two.dk' dnsserver1='ip-of-dnsserver1' dnsserver2='ip-of-dnsserver2' />
<dns domain='domain-one.com;domain-two.dk' />
<dns ip='ip-of-dnsserver1' />
<dns ip='ip-of-dnsserver2' />
<assigned-addr ipv4='10.10.2.151' />
<split-tunnel-info>
<addr ip='10.0.0.0' mask='255.0.0.0' />
<addr ip='172.16.0.0' mask='255.240.0.0' />
<addr ip='192.168.0.0' mask='255.255.0.0' />
<addr ip='185.17.194.50' mask='255.255.255.255' />
</split-tunnel-info>
</ipv4>
<idle-timeout val='0' />
<auth-timeout val='28800' />
</sslvpn-tunnel>
See if you can convert those field/keys to JSON..?
I think split-tunnel-info is pushed from the FG, but not sure.. it's routes from the policy the user is a member of.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1641 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.