- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: VPN connection failed
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN connection failed
Within the last few days one of our users forticlient VPN has been failing to connect and comes up with the below error
"VPN connection failed. Please check your configuration, network connection and pre-shared key then retry your connection."
Nothing has changed with his broadband connection and it has all work previously
Steps i have done so far
Uninstalled and reinstalled Forticlient with latest version → same error
deleted the VPN profile and re-created → same error
tested with personal logins → same error
setup different VPN profile and tested → same error
tested user login details on 2 other computers in different locations both times logged in → not a username/password problem
rebooted laptop → same error
Checked TSL settings 1.1 and 1.2 are ticked - same error
added Forticlient to firewall to allow through - same error
checked if any spaces had been added when copying pre-shared key, gateway and local ID details → there where none
I am pretty much running out of ideas as what else could be the problem. Any suggestions would be great
Thanks
Labels:
- Labels:
-
FortiClient
16 REPLIES 16
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Pi007 ,
Since you sau that one of your users has issues, I assume that the others are able to connect. If it is the case, that means that it is less likely to be a FortiGate configuration issue. If the users that are abble to connect use the same FortiClient version, that would rule out the FortiClient also and would narrow it down to the host itself. If there is an anti-virus software installed, can you try with it disabled?
Also, to get an ideea of what is going on, run this commands on the FortiGate while trying to connect:
diagnose debug reset
diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
diagnose debug enable
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
HI Aionescu,
I have checked the configuration of the client setup and it is a carbon copy of how mine is and i have no problem connecting to the VPN with mine or the users details.
Please note i only have access to the FortiClinet VPN software on the users computer to troubleshoot so will not be able to run the debug commands.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can you remove the VPN client using FCRemove tool, then reboot re-install the client, and check?
https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-download-FortiClient-and-FCRemove-e...
https://community.fortinet.com/t5/FortiClient/Technical-Tip-Uninstall-of-FortiClient-software/ta-p/1...
Regards,
Vishal
Vishal
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Vsahu,
Many thanks for the reply, i will give the FCRemove tool a go and see if that helps. I have a remote session booked in for later today so will update once i have been on the computer.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Afternoon,
I have found the below from the sslvpndaemon_1 trace under logs
[sslvpndaemon 515 debug] FortiSslvpn: _ReceiveMessage: (00000384)
[8244:13320] [sslvpndaemon 515 debug] FortiSslvpn: Init:ConnectNamedPipe(): Wait(hEventOverLapped) OK.
[8244:13320] [sslvpndaemon 515 debug] FortiSslvpn: before ConnectNamedPipe
[8244:13320] [sslvpndaemon 515 debug] FortiSslvpn: Init:ConnectNamedPipe(): rc=0, err=997
[8244:888] [sslvpndaemon 515 debug] FortiSslvpn: _ReceiveMessage: (00000344)
[8244:888] [sslvpndaemon 515 debug] FortiSslvpn: Broken pipe! Client is exited (3).
Does anyone know what this would point to?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi, I have the same error, did you find a solutions?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
Can you confirm if are you able to connect using the browser to the same SSL URL or not from the same machine?
Also, have you tested with FCRemove tool?
Regards,
Vishal
Vishal
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Also, can you confirm which device the user is using the machine hardware and OS?
There was one issue I was able to find in which the dell optimizer application was causing similar behavior with forticlient.
Regards,
Vishal
Vishal
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Vsahu,
i was unable to download the FCRemove tool as i have no devices resisted in the website. When i went to firmware downloads that is where it stopped for me.
Details of the device it is a Dell laptop with Windows 10 vers 21h2 installed. We do not have a SSL URL on the client setup, we use an IP address for the remote gateway.
Related Posts
Labels
-
FortiGate
6,450 -
FortiClient
1,287 -
5.2
801 -
5.4
639 -
FortiManager
563 -
6.0
416 -
FortiAnalyzer
411 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
66 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
ZTNA
15 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
DNS
11 -
Interface
11 -
BGP
10 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.