Per-machine prelogon VPN connection without user interaction, not working
I am following the below document. The machine account that I specify does not connect to the VPN automatically. If I manually enter the machine username and password during vpn pre login, the VPN will connect.
Hi, after many attempts I found the solution with this configuration. This VPN starts automatically on startup and stays connected even when you log out. It also works for Android. Mine is an IPSEC VPN and not SSL but try setting the parameters we have in common:
Hi, my setup installs VPN connection before logging into Windows account. If you want the VPN to start after login and to be disconnected when you log out you must change the value of <machine> from 1 to 0
FortiMax_it, thanks for replying to quickly, my configuration is working currently as if the machine value is set to 1 but it is set to 0. For some reason I am unable to connect prior to logon. I did notice that if I enable the legacy pre-logon settings I can manually connect the VPN prior to logging in. I have been working with support trying to figure out if I've missed something and they seem to think it should be working; it just doesn't automatically connect before logon.
I noticed that some versions like 7.0.7 the VPN startup feature at Windows startup worked (login-before-logon) and after updating to 7.2.1 they stopped. I uninstalled the Forticlient and installed version 7.0.9 and the VPN automatically started working again upon startup.
So I recommend you try version 7.2.1 or 7.0.9. Usually if one version doesn't work the other works, I haven't yet fully understood why.
However, if you want the VPN to work when Windows starts without user interaction, the machine value must be 1. If you set 0, the VPN starts after entering the Windows account password. Use the VPN Ipsec Ike v1 - aggressive like in my example. Ikev2 doesn't work on windows startup for now.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.