Hello,
since this morning my forticlient creates 3 vpn interfaces when i connect to the company fortigate. 2 of the vpn interfaces are marked down and only one is up (which is good). But for the routing one of the down marked interfaces is used. This results in no connection at all. If i delete the route afterwards and add the route with the correct interface (which is up) manually everything works.
My OS is Pop-OS 22.04 LTS and the forticlient has version 7.0.8. Multiple restarts had no effect. The system is up to date.
Last week everything worked like a charm. Can someone give me a hint to debug this strange behaviour? Thanks.
Hi @raisti78,
Have you made any changes on the FortiGate? Have you tried a different version of FortiClient? To debug, you can refer to https://community.fortinet.com/t5/FortiClient/Technical-Tip-How-to-enable-debug-log-in-FortiClient/t...
Regards,
There were no changes on the Fortigate for VPN Connections. Yesterday the client added the correct route with the vpn interface which was up. Today the client chose again the wrong vpn interface which was down. Thanks for the tip with the debugging i will try to get some logs. What bugs me is that there are 3 VPN Interfaces in "ip a" and two are down. Is this correct?
I will try version 7.0.9 too.
Hello,
i want to share a screen with my network interfaces and the 3 vpn interfaces. The two interfaces which are marked as down have an ip address which i had obtained in sessions before but today the ip has been assigned to another colleague.
Therefore i came to the conclusion that the two vpn interfaces aren't correct. Am i right?
I had no chance to upgrade to 7.0.9 at the moment. But i should be able to upgrade next week.
What happens with this interfaces when you disconnect the VPN, do they disappear?
If they remain, have you try to delete this 2 extra interfaces?
Tested with Version 7.0.8 and 7.0.9:
If i disconnect only the VPN interface which was up disappears, the two down interfaces remain with ip configuration.
If i remove the two VPN interfaces via "ip link delete" two new VPN interfaces in down state reappear after a reboot.
Can you verify if this interfaces are created from FCT and not from another VPN client or script?
Hello again, sorry for the late answer.
I think the problem is solved. The interfaces were made by the NetworkManager which had saved the config because of the "save password" option in the forticlient.
It seems that i activated the option at some time.
Can't remember but it could be.
Thanks for your time anyway :)
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.