We have teams and it appears that it works fine in version 5.6. However any version higher than that i.e. 6.0, 6.2, etc, calls do not work. Our setup is IPsec using a full tunnel.
When connected to VPN, the teams app itself connects fine. However when you dial a user on the LAN for a call, the recipient on the other end gets the "Sorry, we couldn't connect you" message. On the callers side it continues to ring. We have tried opening up every port to and from the VPN client to the LAN network to test but it still produces the problem.
The worse part is Fortigate refuse to look at it since we do not have EMS licensing which we don't have any intention of buying. I am surprised there aren't others out there with the same issue.
Has anyone else come across this??
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Esh,
you can use version 6.0.0.0067. It works.
Regards,
Graziano.
Hi, We are facing the same issue. @Esh, Did you try to upgrade your FortiClient to version 6.0.0.0067 as proposed by Storyteller?
Or did you find any other solution?
Regards,
Fabien.
Hi, we have the same issue, it works on version 6.0.2.0128 and lower but any version above that and the calls wont work like you say.
I also cant believe this issue has existed for so long seeing as version 6.0.3.0155 and above have been out since 18th October 2018, and its not been fixed on any release after this...….
Check if you have Web Filtering actived in Forticlient.
It is possible that "Unrated" categories are set to "Warn" level (you have a waring symbol displqyed") due to you web filtering profile.
Teams web server being unknown to Fortiguard servers, there are tagged that way, hence presenting a Certificate warning to the application (as configured), and prevent Teams audio communication.
Consider setting "Unrated" to Allow to 'allow' teams communications.
Hi, we do have web filter but it isnt that as it works on an ssl vpn, just not an ipsec one, also after version 6.0.2 it doesnt work with an ipsec vpn and the web filter settings are the same throughout the versions.
Thanks for your input though :)
Regards
Not enough technical information to help you then based on these description.
Consider perhaps disabling Proxy, so that Local HTTPS Proxy is no more performed for queries (Teams only uses HTTPS requests in the wild)
It may be also that there is a Web Filter profile on central Fortigate that perform classification of your egress traffic, and be responsible to difference between SSLVPN and IPSec traffic. Both hitting naturally a different policy as they cannot be merged.
Unrated action to Warn may be there... Not only on FortiClient.
Running into the same issues here today. Rolling back vpn versioning while end users are at home isn't really viable. Another forum post in this community provided a workaround though.
Conenct via screen share and then initiate voice communication -- that will work, but its not user friendly.
Split tunnel onIPSEC?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1688 | |
1087 | |
752 | |
446 | |
227 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.