I have a Fortigate60E device on which I have set an IPsec. Clients connect through Forticlient VPN. For budget reasons, I activated two factor via email. The user enters the password and the field opens where the code received by email must be entered. I noticed that on the station where the login is actually done, from the moment the password is entered until after the code is entered, there is no Internet connection at all. Thus, it is a problem to receive the code from the email. The only solution is to have the email address set on the phone. After the code is entered and the connection is established, the internet is restored. How could I solve this problem?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I think this matches your issue. Please test the solution suggested here.
https://community.fortinet.com/t5/Support-Forum/PC-losing-internet-connectivity-while-using-FortiCli...
https://community.fortinet.com/t5/Support-Forum/Connect-to-IPSec-VPN-with-2FA-when-connected-through...
Hi @ztraa,
It is an expected behavior of FortiClient. Please refer to https://docs.fortinet.com/document/forticlient/7.2.4/xml-reference-guide/96295/ike-settings
You need to set <implied_SPDO> to 1 and set <implied_SPDO_timeout> greater then 0. FortiClient allows all outbound traffic (including non-IKE traffic) for the duration configured. Some users find that a value of 30 or 60 seconds suffices.
Regards,
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1666 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.