Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Rajeesh
New Contributor

Created on ‎08-20-2021 06:47 AM

Network error. Can not connect to vpn server- SSL VPN error on big sur

We are getting "Network error. Can not connect to vpn server"  error while connecting SSL VPN on Big sur os.   We are using FortiGate AZUREONDEMAND firewall with  v6.4.2 build1723 (GA).
vpn.png
Preview file
70 KB
65260
0 Kudos
14 REPLIES 14
James1
New Contributor II

Created on ‎08-23-2021 02:33 AM

Enter the IP address instead of hostname. 

55950
be_fg
New Contributor II
In response to James1

Created on ‎11-05-2021 05:53 AM

Hi,

 

we are facing the exact same issue on our Mac OS Clients with different OS versions. (Big Sur, Monterey).

If we enter the FQDN of the Remote-Gateway we get the "network error" message, as soon as we enter the IPv4-Address of the Remote-Gateway we can connect without any problem.

-> entering the fix IPv4-Address is no solution, so how this can be fixed?

 

Just to be clear, there are no general DNS-issues on our side. The clients can resolve the FQDN by nslookup without any issues.

 

In the FortiClient Logs there is the following entry:

NSErrorClientCertificateStateKey=0, NSErrorFailingURLKey=https://FQDN.fortiddns.com:10443/remote/info, NSErrorFailingURLStringKey=https://FQDN.fortiddns.com:10443/remote/info, NSUnderlyingError=0x60000332d620 {Error Domain=kCFErrorDomainCFNetwork Code=-1200 "(null)"

________________________________________________
"Many hands make light work."
________________________________________________"Many hands make light work."
55951
0 Kudos
redieramos
New Contributor
In response to James1

Created on ‎04-24-2022 04:22 PM

This temporarily solved the issue but I'm also hoping to use FQDN. Setting the certificate to always trust doesn't help.

43893
0 Kudos
Adolfo_Z_H
Staff
Staff

Created on ‎12-01-2021 03:19 PM

it is not a Fortinet issue, per latest security specs from apple, you need to use a valid CA certificate to connet to VPNSSL portal using a FQDN on the client configuration

 

https://support.apple.com/en-ca/HT210176

 

Secure Access Team LATAM TAC
54975
0 Kudos
boxsters1423
New Contributor

Created on ‎01-20-2022 12:36 AM

I also have the problem with 7.0.2 on macOS Monterey 12.1 but no problem with 7.0.1 on same macOS both with name.

51627
0 Kudos
boxsters1423
New Contributor
In response to boxsters1423

Created on ‎01-20-2022 12:45 AM

By approving the certificates it's ok.

51625
0 Kudos
CalBryant
New Contributor
In response to boxsters1423

Created on ‎04-06-2022 02:43 PM

Approving the certificate is not working for me.  It seems to be an issue with the SHA signature.

45144
0 Kudos
CalBryant
New Contributor

Created on ‎04-06-2022 02:43 PM

Any luck on this issue?  I'm trying to trouble shoot this currently.  From what I can tell, the certificate is SHA1 signed and MacOS is requiring SHA2 signature key.

45144
0 Kudos
etiennearaya
New Contributor
In response to CalBryant

Created on ‎04-11-2022 06:31 PM

Hi, I have luck,

 

This solution is for SSL VPN only. 

 

I look into fortitray.log and able to see the problem was a not valid SSL certificate.

 

Screen Shot 2022-04-11 at 21.23.00.png

In the above image, forticlient try to visit a URL with not valid certificate that generate error. 

 

try to go this site:

 

https://<DESTINATION VPN SITE>:443/remote/info  in Safari browser it will show you a warning because the SSL certificate is not valid, visit the site and it will prompt you accept certificate with your password. 
 
And finally try to connect. 
 
I hope you can connect to your VPN.
 
Regards 
Etienne
 
44693
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.