Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

[SOLVED] Credential or ssl vpn configuration is wrong (-7200)



I use Forticlient 6.4 and I am trying to connect to My customer's network through a SSLVPN


But when I try to establish connection, I get "Credential or ssl vpn configuration is wrong (-7200)"


I can guarantee I have the correct credentials : 

- If I go to the web portal, Authentication is OK (but it's not usable for tunneling since my customer enforces the usage of Forticlient)

- If I use it with the same credentials on another computer, all goes OK


The only thing is, I have to use it on my EC2 instance for some reasons


Here are the logs got fom forticlient (with some useless informations replaced by 'Xs')


03/03/2021 19:44:24 error sslvpn date=2021-03-03 time=19:44:23 logver=1 id=96603 type=securityevent subtype=sslvpn eventtype=error level=error uid=759C8992AA59472092B77212ADC83DE3 devid=FCT8000490583038 hostname=IP-0A8F0277 pcdomain=N/A deviceip= devicemac=XX-XX-XX-XX-XX-de site=N/A fctver= fgtserial=FCT8000490583038 emsserial=N/A os="Microsoft Windows Server 2016 Datacenter Edition, 64-bit (build 17763)" user=Administrator msg="SSLVPN tunnel connection failed" vpnstate= vpntunnel=XXXXX vpnuser=XXXXXXXXXXXX remotegw=XXX.XXX.XXX.XXX


On the router side, the error is seen as a "bad password" error


I suspect something on the network interface configuration, but I have to admit I have exhausted all my ideas.

Does anyone has an idea?

Esteemed Contributor III

Can you get "diag debug application sslvpn " from the fortigate? Also how are you authenticating the user 




 + PKI certificate



If you're doing a 3rd party off appliance authenticator, test with a local-user 1st, and if that works then you can pinpoint the issue(s).


I would check to ensure proper group membership, and that the account is not locked out. If you find the issue, report back here so others will know what the issue are.



Ken Felix





PCNSE NSE StrongSwan
New Contributor



Thank you for the answer

Unfortunately, I have no clues about how the Fortinet router works (It's in My customer's infrastructure)

I only have the client side




Finally found the answer


Thank you for your time guys



Just spent too long on debugging this for a colleague when the solution was simply that the username is Case.Sensitive when using an LDAP server (e.g. Synology) - ensure what you are entering or have got saved in the vpn configuration has the user name casing matching exactly how it is setup in LDAP

New Contributor II

I faced a similar issue, but the solution was related to a security group. Our system administrator created a security group, and anyone inside that group was unable to connect to the VPN.


We just remove it from that group.


Credential or ssl vpn configuration is wrong (-7200) 48%


Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors