Hello,
We have a problem with our VPN.
We are experiencing an issue that occurs once every month, where employees (it changes - skipping between users) using only Mac computers come to the office (but happens also in their home wifi) and are unable to access internet when they are connected to VPN.
We use:
Forticlient vpn only free - last version
IPSEC VPN
When they try to ping servers/addresses: sendto no buffer space available
When it happens I see many interfaces with addresses of VPN (192.168.11.0/24).
After disabling interface with VPN: ifconfig interface utun4 down - internet works!
Another user told me: WIFI works, VPN works. He leaves the computer, computer goes to sleep mode and after that Forticlient seems as connected but no internet!
Another user reported: I was on the train, using HOTSPOT and Forticlient.
Close the lid (So internet was disconnected). Went to the Office, I was connected to Office's WIFI and had this problem of buffering.
Why are there many interfaces instead of just one? Why does FortiClient create multiple connections?
Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi CaptainIT
If it is full tunnel then I guess the active default route is pointing to the wrong tunnel interface, and when you disable it then the default route points to the right interface.
And regarding the multiple interface creation, do you confirm that it creates one new interface each time you initiate a new VPN connection? Or does it create them all at once?
Can you also check if the below access rights are provided:
https://docs.fortinet.com/document/forticlient/7.4.0/macos-release-notes/223986/special-notices
Hello,
If it is full tunnel then I guess the active default route is pointing to the wrong tunnel interface, and when you disable it then the default route points to the right interface - what can I do please to fix it? I have full tunnel
And regarding the multiple interface creation, do you confirm that it creates one new interface each time you initiate a new VPN connection? Or does it create them all at once? It creates one when people using FortiClient normally without any problem and when they problem we see multiple interfaces.
Can you also check if the below access rights are provided - Checked - they have permission.
What can I do please in order to solve this problem ?
Thanks
Hi
Which MacOS version?
All the users with Somoma
Can you try an older FCT version like 7.0.13 or 7.2.5?
I installed for two users: FortiClientVPNSetup_7.2.0.0655_macosx today.
Now I need to wait and see what happens. Do you have any idea what we could do more?
Thanks
Is much better to use 7.2.5 instead 7.2.0.
7.2.5 is more stable and has much less issues.
Created on 09-25-2024 03:54 AM Edited on 09-25-2024 03:55 AM
I reinstall to 7.2.5 as you wrote. What could be the reason it happens?
Thanks
I didn't find such known issues in the release notes, so it needs more troubleshooting in order to find the root case.
It is possible that FortiClient is not able to do tunnel interface cleanup (removal) when a VPN session is closed.
You can check in both system event logs and in FortiClient event logs.
If you find something relevant you can share and we'll try to help.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1643 | |
1069 | |
751 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.