Hi,
last week we updated our FG cluster to FG200F with 7.4.5.
We had some problems but in general it seems quite OK. Only with SSL VPN we still have problems and we cnat get it functioning.
1. Connecting with Local User it works fine, I get the certificate window and I can login, no prob!
2. User from LDAP, connection to LDAP works fine, I can even test my credentials and OK but than connecting to the SSL VPN I dont geht the ceretificate pop up and after 48% I get Permission denied and -455
We did the same as in all other FGs. We imported the same remote certificate and everywhere it works. We checked groups and everything and it should be OK.
In System Events VPN I get:
Action ssl-login-fail
Reason sslvpn_login_unknown_user
What else can we try? It seems like the FG is not checking the certificate and we try with "Require Client certificate" and without and no change
Thanks!
This was the answer for our firewall. Had to import the root CA for the domain.
Hi,
we still have some strange behavior but now on all our FGs. We got support via remote from Fortinet and connecting and testing it worked just fine. We didnt change anything from our side but it is possible that our main headquarter changed something on the DCs. So after that we suddenly had problems (we use the same cert in all FGs) on other FGs who suddenly could not connect to the LDAP.
Today, all of them work fine. Why? I dont know....
Thanks
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.