Zarniwhoop
New Contributor

SSL VPN suddenly stopped working

Client is using SSL VPN that has been working fine for quite a while.

The box is a Fortinet 60E. Tried both the 6.0.4 and 6.2.2 versions of FortiClient.

Yesterday, all users started getting the error:

“Connection Error!

Insufficient credential(s). Please check the password, client certificate, etc.”

Using the default cert for this one. Tried both Fortinet_SSL and Fortinet_Factory certs.

No changes were made to either the firewall or the network in general.

Tried changing user password as a test, and have tried confirmed passwords.

Restart has been tried, and no updates are available.

Client uses Macs. Both Mojave and Catalina Macs having problems. Catalina could be expected to be…

If anyone could have a look at this that would be great :)

 

The logs produce the following results:

 

credential_store.log

20200107 17:44:19.206 [Credential store:EROR] CredentialStoreServer:255 [5][]: Failed getting credential {VPN Password (FortiClient SSL), CONNECTION_NAME}, ret=-1

 

epctrl.log

20200107 17:44:27.148 [epctrl.log:EROR] keepalive:422 Error in delayed connection() 61 - Connection refused

20200107 17:44:27.187 [epctrl:EROR] keepalive:484 Socket connect error, trying next address. errno: 36

20200107 17:44:27.188 [epctrl:EROR] keepalive:496 No successful connection.

20200107 17:44:47.185 [epctrl.log:EROR] keepalive:422 Error in delayed connection() 61 - Connection refused

20200107 17:44:47.186 [epctrl:EROR] keepalive:484 Socket connect error, trying next address. errno: 36

20200107 17:44:47.186 [epctrl:EROR] keepalive:496 No successful connection.

20200107 17:45:07.152 [epctrl.log:EROR] keepalive:422 Error in delayed connection() 61 - Connection refused

20200107 17:45:07.191 [epctrl:EROR] keepalive:484 Socket connect error, trying next address. errno: 36

20200107 17:45:07.192 [epctrl:EROR] keepalive:496 No successful connection.

20200107 17:45:20.818 [epctrl.log:INFO] main:185 MSG received! type: 71

 

fcconfig_service.log

20200107 17:44:17.062 [fcconfig:EROR] FCTConfigService:765 Webfilter configuration format error.

 

 

 

fortiagent.log

20200107 17:44:23.212 [fctgui:INFO] FCTVpnConnection:497 Received the passive connection command

20200107 17:44:23.212 [fctgui:INFO] FCTVpnConnection:583 Starting connection:CONNECTION_NAME

20200107 17:44:23.213 [fctgui:INFO] FCTVpnConnection:674 SSL VPN Proxy is disabled

20200107 17:44:23.213 [fctgui:INFO] FCTVpnConnection:713 connecting to server CUSTOMER_IP:443 with realm:

20200107 17:44:24.227 [sslvpn:INFO] unknown:0 <<<<< HTTP/1.1 404 Not Found

Server: Microsoft-IIS/10.0

Date: Tue, 07 Jan 2020 16:44:18 GMT

Content-Type: text/html

Connection: close

Content-Length: 1245

X-Powered-By: ASP.NET

 


20200107 17:44:24.227 [sslvpn:INFO] unknown:0 try to get cookie for the first time: 0 : 

20200107 17:44:25.037 [sslvpn:EROR] unknown:0 no SVPNCOOKIE found

20200107 17:44:25.038 [fctgui:EROR] FCTVpnConnection:1425 -112 - Insufficient credential(s). Please check the password, client certificate, etc.

20200107 17:44:25.038 [sslvpn:EROR] libsslvpn:436 Failed to login to fortigate : -112

20200107 17:44:25.038 [fctgui:INFO] FCTVpnConnection:1484 failure happens so terminate this vpn connection

20200107 17:44:26.068 [fctgui:INFO] FortiClientAgentAppDelegate:2068 FCTSERV_AGENT_GETUSERINFO started

20200107 17:44:26.114 [fctgui:INFO] FortiClientAgentAppDelegate:2074 FCTSERV_AGENT_GETUSERINFO finish

20200107 17:44:27.144 [fctgui:INFO] FortiClientAgentAppDelegate:104 Epctl status is changed ,so reload webfilter config

20200107 17:44:45.073 [fctgui:INFO] FortiClientAgentAppDelegate:2068 FCTSERV_AGENT_GETUSERINFO started

20200107 17:44:45.122 [fctgui:INFO] FortiClientAgentAppDelegate:2074 FCTSERV_AGENT_GETUSERINFO finish

20200107 17:44:47.182 [fctgui:INFO] FortiClientAgentAppDelegate:104 Epctl status is changed ,so reload webfilter config

20200107 17:45:05.072 [fctgui:INFO] FortiClientAgentAppDelegate:2068 FCTSERV_AGENT_GETUSERINFO started

20200107 17:45:05.117 [fctgui:INFO] FortiClientAgentAppDelegate:2074 FCTSERV_AGENT_GETUSERINFO finish

20200107 17:45:07.149 [fctgui:INFO] FortiClientAgentAppDelegate:104 Epctl status is changed ,so reload webfilter config

20200107 17:45:17.691 [FctMiscAgent:EROR] ScheduledTaskManager:68 Failed to get wirtable fd of scheduled tasks plist

20200107 17:45:20.819 [fctgui:INFO] FortiClientAgentAppDelegate:2068 FCTSERV_AGENT_GETUSERINFO started

20200107 17:45:20.865 [fctgui:INFO] FortiClientAgentAppDelegate:2074 FCTSERV_AGENT_GETUSERINFO finish

20200107 17:45:22.900 [fctgui:INFO] FortiClientAgentAppDelegate:104 Epctl status is changed ,so reload webfilter config

 

servctl.log

20200107 17:44:26.114 [servctl:EROR] main:472 no session data found!!!

20200107 17:44:45.122 [servctl:EROR] main:472 no session data found!!!

20200107 17:45:05.117 [servctl:EROR] main:472 no session data found!!!

20200107 17:45:17.685 [servctl:EROR] main:409 no session data found!!!

20200107 17:45:17.685 [servctl:EROR] main:355 sending fd -102 to client

20200107 17:45:17.696 [servctl:INFO] main:210 notification socket of service (128, update tool) registered successfully. pid = 1971

20200107 17:45:20.865 [servctl:EROR] main:472 no session data found!!!

 

 

update.log

20200107 17:45:17.736 [update:INFO] main:80 connect to service controller successfully

20200107 17:45:17.739 [update:INFO] fcn_upgrade:1503 Enable custom fds server :0 failover port: -1 failover to fdg: 1

20200107 17:45:18.851 [update:WARN] fcn_upgrade:843 Failed to get ad banner version

20200107 17:45:18.853 [update:INFO] fcn_upgrade:167 firware: FCT100-FW-6.0.4-79

20200107 17:45:19.238 [update:INFO] fcn_upgrade:184 uid: 2018635421

20200107 17:45:19.239 [update:INFO] fcn_upgrade:201 sn: FCT8002018635421

20200107 17:45:19.241 [update:INFO] fcn_upgrade:209 uid2: 2E85E0E8A4765C8D9B2E3F4651060404

20200107 17:45:19.241 [update:INFO] fcn_upgrade:219 hostname: imac5k.lan

20200107 17:45:19.241 [update:INFO] fcn_upgrade:224 os: Mac OS X 10.14.6

20200107 17:45:19.242 [update:INFO] fcn_upgrade:230 language: nb-NO

20200107 17:45:19.270 [update:INFO] fcn_upgrade:128 Last update time: 2020-01-07 17:21:39, Last vulnerability scan time: 1970-01-01 01:00:00

20200107 17:45:19.310 [update:INFO] fcn_upgrade:338 Start to download fdni file...

20200107 17:45:19.311 [update:INFO] update_funcs:363 Try to connect to server 96.45.33.106:80

20200107 17:45:19.717 [update:INFO] fcn_upgrade:346 fdni file is downloaded successfully

20200107 17:45:19.717 [update:INFO] fcn_upgrade:860 Start to download FortiClient components...

20200107 17:45:19.718 [update:INFO] update_funcs:363 Try to connect to server 96.45.33.106:80

20200107 17:45:20.110 [update:INFO] fcn_upgrade:920 no new app engine avaliable in FDS

20200107 17:45:20.111 [update:INFO] fcn_upgrade:1058 no new vcm avaliable in FDS

20200107 17:45:20.116 [update:INFO] fcn_upgrade:1076 no new vcm signature avaliable in FDS

20200107 17:45:20.117 [LIBAVENG:EROR] av_api:265 failed to load /Library/Application Support/Fortinet/FortiClient/bin/libav.dylib: No such file or directory

20200107 17:45:20.117 [update:EROR] fcn_upgrade:1211 failed to load av engine /Library/Application Support/Fortinet/FortiClient/bin/libav.dylib

20200107 17:45:20.818 [update:INFO] main:290 Downloading done ret = 0 

2 REPLIES
Zarniwhoop
New Contributor

Answering my own post, just in case someone else has this problem :)

It turned out that an RDGW had hijacked port 443.

As soon as that was remedied, the VPN was working again.
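
The log pattern behind this resolution (a 404 answered by Microsoft-IIS on the VPN port, followed by "no SVPNCOOKIE found") can be checked mechanically. The script below is an added example, not part of the original posts or of FortiClient; `diagnose` and `FOREIGN_BANNERS` are hypothetical names, and the banner list is an assumption based only on the headers quoted in this thread.

```python
import re

# Excerpt of the fortiagent.log lines quoted in the post (HTML body omitted).
SAMPLE_LOG = """\
20200107 17:44:23.213 [fctgui:INFO] FCTVpnConnection:713 connecting to server CUSTOMER_IP:443 with realm:
20200107 17:44:24.227 [sslvpn:INFO] unknown:0 <<<<< HTTP/1.1 404 Not Found
Server: Microsoft-IIS/10.0
Date: Tue, 07 Jan 2020 16:44:18 GMT
Content-Type: text/html
Connection: close
Content-Length: 1245
X-Powered-By: ASP.NET
20200107 17:44:25.037 [sslvpn:EROR] unknown:0 no SVPNCOOKIE found
20200107 17:44:25.038 [sslvpn:EROR] libsslvpn:436 Failed to login to fortigate : -112
"""

# Assumption: banners of a general-purpose web stack, not the SSL VPN portal.
FOREIGN_BANNERS = ("Microsoft-IIS", "ASP.NET")
TS_RE = re.compile(r"^\d{8} \d{2}:\d{2}:\d{2}\.\d{3} ")
TARGET_RE = re.compile(r"connecting to server (\S+):(\d+)")
STATUS_RE = re.compile(r"<<<<< HTTP/\d\.\d (\d{3})")
HEADER_RE = re.compile(r"^([A-Za-z][A-Za-z0-9-]*):\s*(.*)$")

def diagnose(log_text):
    """Summarise which service answered the SSL VPN login recorded in the log."""
    result = {"target": None, "status": None, "headers": {}, "cookie_missing": False}
    in_headers = False
    for line in log_text.splitlines():
        if not line.strip():
            continue  # tolerate blank lines between logged header lines
        if TS_RE.match(line):
            in_headers = False
            if m := TARGET_RE.search(line):
                result["target"] = (m.group(1), int(m.group(2)))
            if m := STATUS_RE.search(line):
                result["status"] = int(m.group(1))
                in_headers = True  # response headers follow on untimestamped lines
            if "no SVPNCOOKIE found" in line:
                result["cookie_missing"] = True
        elif in_headers and (m := HEADER_RE.match(line.strip())):
            result["headers"][m.group(1).lower()] = m.group(2)
        else:
            in_headers = False  # response body or other noise ends the header block
    banner = " ".join(result["headers"].get(h, "") for h in ("server", "x-powered-by"))
    result["foreign_service"] = (result["cookie_missing"]
                                 and any(b in banner for b in FOREIGN_BANNERS))
    return result
```

When `foreign_service` is true, the "Insufficient credential(s)" error is worth treating as a port or NAT conflict on the firewall side before touching passwords or certificates.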

tomala
New Contributor

Maybe the certificate has expired? Zarniwhoop, can you tell me how to add a certificate on a Mac? I have a problem with this; I tested on Windows and Linux and it works fine. I have the same problem with the iPhone, I can't add a certificate. There is poor help in the forum ...
