Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Xware
New Contributor

Created on ‎12-10-2020 11:06 PM

Trouble with Forticlient no session id in auth info

i have an ssl vpn setup on a fortigate 80E

 

it takes my users between 1 and 20 tries to connect (randomly)  sometimes it connects first time.   other times it takes multiple tries. if it fails it gets to 80% an throws an error about not being able to connect.  i can also successfully connect  ,  then disconnect soon after and then try to reconnect and it might connect  or it might fail.. its completely randon

 

the debug throws the following

[202:root:5d]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 [202:root:5d]req: /remote/fortisslvpn [202:root:5d]rmt_web_auth_info_parser_common:444 no session id in auth info [202:root:5d]rmt_web_access_check:700 access failed, uri=[/remote/fortisslvpn],ret=4103, [202:root:5d]req: /remote/login [202:root:5d]rmt_web_auth_info_parser_common:444 no session id in auth info [202:root:5d]rmt_web_get_access_cache:781 invalid cache, ret=4103 [202:root:5d]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}]) [202:root:5d]get_cust_page:125 saml_info 0 [201:root:5b]sslvpn_read_request_common,655, ret=-1 error=-1, sconn=0x54ea2780. [201:root:5b]Destroy sconn 0x54ea2780, connSize=0. (root) [203:root:5c]allocSSLConn:298 sconn 0x54ea2e80 (0:root) [203:root:5c]SSL state:before SSL initialization (xx.xx.xx.xx) [203:root:5c]SSL state:before SSL initialization (xx.xx.xx.xx)

 

 

 

however upon successful connection i get 

 

 

[202:root:5f]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384 [202:root:5f]req: /remote/fortisslvpn [202:root:5f]deconstruct_session_id:426 decode session id ok, user=[ryan],group=[SSL_VPN_Users],authserver=[DCserv1],portal=[full-access],host=[xx.xx.xx.xx],realm=[],idx=0,auth=16,sid=249770e,login=1634544849,access=1634544849,saml_logout_url=no [202:root:5f]deconstruct_session_id:426 decode session id ok, user=[ryan],group=[SSL_VPN_Users],authserver=[DCserv1],portal=[full-access],host=[xx.xx.xx.xx],realm=[],idx=0,auth=16,sid=249770e,login=1634544849,access=1634544849,saml_logout_url=no [202:root:5f]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}]) [201:root:5d]sslvpn_read_request_common,655, ret=-1 error=-1, sconn=0x54ea2780. [201:root:5d]Destroy sconn 0x54ea2780, connSize=0. (root) [203:root:5e]allocSSLConn:298 sconn 0x54ea2e80 (0:root) [203:root:5e]SSL state:before SSL initialization (xx.xx.xx.xx) [203:root:5e]SSL state:before SSL initialization (xx.xx.xx.xx)

 

3226
0 Kudos
0 REPLIES 0
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.