- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
SSL-VPN and iOS issues
Hi,
I've got a weird issue on one of my clients site. The finally moved from pptp to ssl-vpn and androids/windows work flawless. However, all ipads and iphones are not able to connect via RDP with forticlient. Anyone got any ideas? The worst part is I don't got any iOS device to actually test it from my office, but would be awesome if someone got any pointers on what to look for when I'll go to client to try fixing the issue.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I'm currently facing probably the same issue. I found out that there is an iOS Forti client but it only works in "WEB MODE" ie. you can only access web based services. I don't know the reason why fortinet does not support full access mode on iOS devices... probably due to iOS kernel implementation. I've tried to connect via cisco anyconnect client, but it does not work yet, Im trying to figure out why...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I'm currently facing probably the same issue. I found out that there is an iOS Forti client but it only works in "WEB MODE" ie. you can only access web based services. I don't know the reason why fortinet does not support full access mode on iOS devices... probably due to iOS kernel implementation. I've tried to connect via cisco anyconnect client, but it does not work yet, Im trying to figure out why...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
volkovski wrote:Forgot to say thank you!Hello,
I'm currently facing probably the same issue. I found out that there is an iOS Forti client but it only works in "WEB MODE" ie. you can only access web based services. I don't know the reason why fortinet does not support full access mode on iOS devices... probably due to iOS kernel implementation. I've tried to connect via cisco anyconnect client, but it does not work yet, Im trying to figure out why...
Reply was quoted in email notification.
Damn shame it works that way. Well, the absolutely worst part is that there is no red flag about that! As an outsource company I promised client that everything will work perfect and moved them from PPTP to ssl-vpn... imagine my frustration when at least 60% of company (~150users) cannot use ssl-vpn from their ipads/iphones...
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Well, the absolutely worst part is that there is no red flag about that! As an outsource company I promised client that everything will work perfect and moved them from PPTP to ssl-vpn... imagine my frustration when at least 60% of company (~150users) cannot use ssl-vpn from their ipads/iphones...
That's why you have to read the notes and do a PoC ( proof of concept ). So here's your alternative, build a dialup access for the ipads/iphones. You can use the same groups and have the same access but just require these other devices to access via vpn-ipsec or vpn-ipsec-l2tp.
Now the only bad thing is the fact configuration management could become slightly more tedious but overall this is the only workable solution you have.
Another solution but use a cisco device for a webvpn access. I've done that a dozen time now with ASA 5510s used in a corporate environment. The $price$ will be way much higher than a fortigate solution but this great if you have concerns over ipsec allowance from distant remote locations.
In one of instance, we plugged a cisco ASA5510 with a public-access and port443 mapped for webvpn access and use this as our sole ssl vpn access gateway.
PCNSE
NSE
StrongSwan