Hello friends. How are you? Can someone help me?
I am unable to authenticate users on VPN via LDAP. Initially I am configuring in LAB.
FortiGate-VM64 Firmware v6.0.6 build02729(GA)
FortiGate-VM64-KVM # config vpn ssl settings
FortiGate-VM64-KVM (settings) # show
config vpn ssl settings
    set servercert "Fortinet_Factory"
    set idle-timeout 18800
    set tunnel-ip-pools "SSLVPN_TUNNEL_ADDR1"
    set tunnel-ipv6-pools "SSLVPN_TUNNEL_IPv6_ADDR1"
    set dns-server1 192.168.1.100
    set port 443
    set source-interface "port1" "port2"
    set source-address "all"
    set source-address6 "all"
    set default-portal "full-access"
    config authentication-rule
        edit 1
            set groups "grp-vpn-ssl-local"
            set portal "full-access"
        next
        edit 2
            set groups "grp-vpn-ssl-ldap"
            set portal "full-access"
        next
    end
end
config user ldap
    edit "LDAP"
        set server "192.168.1.100"
        set cnid "sAMAccountName"
        set dn "DC=lab,DC=local"
        set type regular
        set username "srv_user_fortigate@lab.local"
        set password ENC <password>
    next
end
config user group
    edit "SSO_Guest_Users"
    next
    edit "Guest-group"
        set member "guest"
    next
    edit "grp-vpn-ssl-local"
        set member "ish-vpn-ssl-local"
    next
    edit "grp-vpn-ssl-ldap"
        set member "LDAP"
        config match
            edit 1
                set server-name "LDAP"
                set group-name "CN=VPN_SSL,CN=Users,DC=lab,DC=local"
            next
            edit 2
                set server-name "LDAP"
                set group-name "CN=VPNSSL1,OU=VPN,DC=lab,DC=local"
            next
        end
    next
end
diagnose test authserver ldap "LDAP" "user_vpn" <password>
authenticate 'user_vpn' against 'LDAP' succeeded!
Group membership(s) - CN=VPNSSL1,OU=VPN,DC=lab,DC=local
                      CN=VPN_SSL,CN=Users,DC=lab,DC=local
                      CN=Domain Users,CN=Users,DC=lab,DC=local
FortiGate-VM64-KVM # diagnose debug application sslvpn -1
Debug messages will be on for 30 minutes.
FortiGate-VM64-KVM # diagnose debug enable
FortiGate-VM64-KVM #
[...]
[125:root:e3]req: /remote/fgt_lang?lang=en
[125:root:e3]req: /remote/logincheck
[125:root:e3]rmt_web_auth_info_parser_common:441 no session id in auth info
[125:root:e3]rmt_web_access_check:684 access failed, uri=[/remote/logincheck],ret=4103,
[125:root:e3]rmt_logincheck_cb_handler:965 user 'user_vpn' has a matched local entry.
[125:root:e3]sslvpn_auth_check_usrgroup:1773 forming user/group list from policy.
[125:root:e3]sslvpn_auth_check_usrgroup:1815 got user (1) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1443 validating with SSL VPN authentication rules (2), realm ().
[125:root:e3]sslvpn_validate_user_group_list:1491 checking rule 1 cipher.
[125:root:e3]sslvpn_validate_user_group_list:1499 checking rule 1 realm.
[125:root:e3]sslvpn_validate_user_group_list:1510 checking rule 1 source intf.
[125:root:e3]sslvpn_validate_user_group_list:1549 checking rule 1 vd source intf.
[125:root:e3]sslvpn_validate_user_group_list:1621 rule 1 done, got user (0) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1491 checking rule 2 cipher.
[125:root:e3]sslvpn_validate_user_group_list:1499 checking rule 2 realm.
[125:root:e3]sslvpn_validate_user_group_list:1510 checking rule 2 source intf.
[125:root:e3]sslvpn_validate_user_group_list:1621 rule 2 done, got user (0) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1709 got user (1), group (0:0).
[125:root:e3]two factor check for user_vpn: off
[125:root:e3]sslvpn_authenticate_user:169 authenticate user: [user_vpn]
[125:root:e3]sslvpn_authenticate_user:176 create fam state
[125:root:e3]fam_auth_send_req:575 with server blacklist:
[125:root:e3]fam_auth_send_req:685 clear local user flag and do authentication again.
[125:root:e3]fam_auth_send_req:575 with server blacklist:
[125:root:e3]fam_auth_send_req:695 task finished with 5
[125:root:e3]login_failed:330 user[user_vpn],auth_type=0 failed [sslvpn_login_unknown_user]
[125:root:0]dump_one_blocklist:83 status=1;host=192.168.1.2;fails=1;logintime=1564767681
[125:root:e3]req: /remote/login?&err=sslvpn_login_permissi
[...]
FortiGate-VM64-KVM # diagnose debug application fnbamd 255
Debug messages will be on for 26 minutes.
FortiGate-VM64-KVM # diagnose debug console
FortiGate-VM64-KVM # diagnose debug enable
FortiGate-VM64-KVM #
[...]
[125:root:ee]req: /remote/fgt_lang?lang=en
[125:root:ee]req: /remote/logincheck
[125:root:ee]rmt_web_auth_info_parser_common:441 no session id in auth info
[125:root:ee]rmt_web_access_check:684 access failed, uri=[/remote/logincheck],ret=4103,
[125:root:ee]rmt_logincheck_cb_handler:965 user 'user_vpn' has a matched local entry.
[125:root:ee]sslvpn_auth_check_usrgroup:1773 forming user/group list from policy.
[125:root:ee]sslvpn_auth_check_usrgroup:1815 got user (1) group (0:0).
[125:root:ee]sslvpn_validate_user_group_list:1443 validating with SSL VPN authentication rules (2), realm ().
[125:root:ee]sslvpn_validate_user_group_list:1491 checking rule 1 cipher.
[125:root:ee]sslvpn_validate_user_group_list:1499 checking rule 1 realm.
[125:root:ee]sslvpn_validate_user_group_list:1510 checking rule 1 source intf.
[125:root:ee]sslvpn_validate_user_group_list:1549 checking rule 1 vd source intf.
[125:root:ee]sslvpn_validate_user_group_list:1621 rule 1 done, got user (0) group (0:0).
[125:root:ee]sslvpn_validate_user_group_list:1491 checking rule 2 cipher.
[125:root:ee]sslvpn_validate_user_group_list:1499 checking rule 2 realm.
[125:root:ee]sslvpn_validate_user_group_list:1510 checking rule 2 source intf.
[125:root:ee]sslvpn_validate_user_group_list:1621 rule 2 done, got user (0) group (0:0).
[125:root:ee]sslvpn_validate_user_group_list:1709 got user (1), group (0:0).
[125:root:ee]two factor check for user_vpn: off
[125:root:ee]sslvpn_authenticate_user:169 authenticate user: [user_vpn]
[125:root:ee]sslvpn_authenticate_user:176 create fam state
[125:root:ee]fam_auth_send_req:575 with server blacklist:
[125:root:ee]fam_auth_send_req:685 clear local user flag and do authentication again.
[125:root:ee]fam_auth_send_req:575 with server blacklist:
[125:root:ee]fam_auth_send_req:695 task finished with 5
[125:root:ee]login_failed:330 user[user_vpn],auth_type=0 failed [sslvpn_login_unknown_user]
[125:root:0]dump_one_blocklist:83 status=1;host=192.168.1.2;fails=1;logintime=1564767960
[125:root:ee]req: /remote/login?&err=sslvpn_login_permissi
[...]
I appreciate anyone who can help me.
Thank You!
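
The authentication trail in a `diagnose debug application sslvpn` capture like the one in this post can be extracted mechanically instead of being read out of the TLS handshake noise. The script below is an added example, not part of the original post and not Fortinet code: it splits the output on the `[pid:vdom:conn]` prefix (so it also works when the entries have run together on one line), follows each `/remote/logincheck` request, and reports what the log recorded for every failed login. Reading the `got user (N) group (A:B)` counters as match counts is an assumption taken from the log wording.

```python
import re
from dataclasses import dataclass, field
from typing import Optional

# Sample input: entries taken from the debug output in the post (connection e3),
# plus one unrelated TLS entry from another connection.
SAMPLE_LOG = """\
[125:root:e2]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[125:root:e3]req: /remote/logincheck
[125:root:e3]rmt_logincheck_cb_handler:965 user 'user_vpn' has a matched local entry.
[125:root:e3]sslvpn_auth_check_usrgroup:1815 got user (1) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1621 rule 1 done, got user (0) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1621 rule 2 done, got user (0) group (0:0).
[125:root:e3]sslvpn_validate_user_group_list:1709 got user (1), group (0:0).
[125:root:e3]sslvpn_authenticate_user:169 authenticate user: [user_vpn]
[125:root:e3]fam_auth_send_req:695 task finished with 5
[125:root:e3]login_failed:330 user[user_vpn],auth_type=0 failed [sslvpn_login_unknown_user]
[125:root:0]dump_one_blocklist:83 status=1;host=192.168.1.2;fails=1;logintime=1564767681
"""

PREFIX = re.compile(r"\[(\d+):([^:\]\s]+):([0-9a-f]+)\]")  # [pid:vdom:conn]
LOCAL = re.compile(r"user '([^']+)' has a matched local entry")
POLICY = re.compile(r"sslvpn_auth_check_usrgroup:\d+ got user \((\d+)\) group \((\d+):(\d+)\)")
RULE = re.compile(r"rule (\d+) done, got user \((\d+)\) group \((\d+):(\d+)\)")
FAM = re.compile(r"fam_auth_send_req:\d+ task finished with (\d+)")
FAILED = re.compile(r"login_failed:\d+ user\[([^\]]+)\],auth_type=\d+ failed \[([^\]]+)\]")


@dataclass
class FailedLogin:
    conn: str
    user: Optional[str] = None
    reason: Optional[str] = None
    local_match: bool = False
    policy: Optional[tuple] = None             # (users, groups_a, groups_b) from policy lookup
    rules: dict = field(default_factory=dict)  # rule number -> (users, groups_a, groups_b)
    fam_result: Optional[int] = None


def split_entries(text):
    """Yield (conn_id, message) pairs from line-per-entry or flattened output."""
    marks = list(PREFIX.finditer(text))
    for cur, nxt in zip(marks, marks[1:] + [None]):
        end = nxt.start() if nxt else len(text)
        yield cur.group(3), " ".join(text[cur.end():end].split())


def failed_logins(text):
    """Follow each /remote/logincheck request and return the ones that failed."""
    pending, done = {}, []
    for conn, msg in split_entries(text):
        if msg.startswith("req: /remote/logincheck"):
            pending[conn] = FailedLogin(conn)
            continue
        att = pending.get(conn)
        if att is None:
            continue  # entry belongs to a connection with no login in progress
        if LOCAL.search(msg):
            att.local_match = True
        elif m := POLICY.search(msg):
            att.policy = tuple(map(int, m.groups()))
        elif m := RULE.search(msg):
            att.rules[int(m.group(1))] = tuple(map(int, m.groups()[1:]))
        elif m := FAM.search(msg):
            att.fam_result = int(m.group(1))
        elif m := FAILED.search(msg):
            att.user, att.reason = m.groups()
            done.append(pending.pop(conn))
    return done


def findings(att):
    """Plain-language notes; counter semantics are an assumption (see lead-in)."""
    notes = []
    if att.local_match:
        notes.append("username matched a local user entry")
    if att.policy is not None and att.policy[1:] == (0, 0):
        notes.append("policy lookup reported no groups")
    if att.rules and all(v[1:] == (0, 0) for v in att.rules.values()):
        notes.append("no authentication rule reported a group")
    return notes


if __name__ == "__main__":
    for att in failed_logins(SAMPLE_LOG):
        print(f"conn={att.conn} user={att.user} reason={att.reason} fam={att.fam_result}")
        for note in findings(att):
            print("  -", note)
```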