Geting the below error message when using forticlient. I have confirmed the settings are correct and I checked her TLS settings for internet explorer as mentioned in a previous post but I'm still not able to connect. This user is located in London and not able to connect to the firewall in New York. However my coworker and myself are located in the states and have no issues connecting to the firewall vpn with her credentials.
any suggestions?
"Unreachable" error means much more physical. Can it ping the server IP, and does the URL, if you're using URL, resolved to IP? After those are confirmed, next step would be "diag debug app sslvpn -1" or the server side while the user is trying to connect, then pull VPN local log from the FortiClient. (I'm assuming it's SSL VPN, not IPsec)
It is a SSL VPN connection and not IPSEC. I do have a IPSEC tunnel up with the firewall onsite and am able to pass traffic. However the user is not able to ping the ip of the firewall in the states or resolve it from a url.
Forticlient 6.0.0.0067
I once made a blatant mistake by filling in the remote gateway address as "217.x.y.z" when it was "213.x.y.z" (last week). Of course it could not connect.
Well, if the machine can't ping the IP and the URL doesn't resolve to the IP. That's nothing to do with VPN but it has a basic internet problem you need to figure out first.
Could you connect the Forticlent in UK'? I have te same isuue
The error message encountered when using FortiClient for a VPN connection from London to New York, despite correct settings and TLS settings verification, suggests a potential issue specific to the London user's network or device. Since the credentials work for colleagues in the US, consider checking for region-specific network restrictions, ISP issues, or firewall settings on the London user's device or network. Additionally, ensure the FortiClient software is up-to-date and verify that there are no geographical blocks or latency issues affecting the connection. If the problem persists, reviewing the detailed VPN logs might provide more insight.
Are you using the default SSL port or a custom port? Try using Telnet from the client system to check the connection.
telnet [your Fortigate public IP or Domain] [port, e.g., 10443]
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1739 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.