Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Archaneos
New Contributor

VPN stuck at status 71%

Hello,

 

I'm having a strange situation here. I've installed FortiClient 5.2 on my laptop (Windows 7) and on my phone (Android 5.1), they are both connected wireless to my router at home however, while it works fine for my phone, when I try to connect with my laptop the status got stuck at 71% and I receive a error: "Unable to establish the VPN connection. The VPN server may be unreachable (-10)". I used the same login/password for both and a colleague tried to connect to the VPN from his place with his computer and his login/password and it worked.

I've tried what I could: switch to version 5.2, deactivate firewall, deactivate anti-virus, many reboots, many reinstalls but nothing worked.

Later, I tried from work and it worked perfectly for my phone AND my laptop this time with the only different being my laptop connected by RJ45. So full of hope, I tried to connect my laptop at home with a RJ45 as well, thinking it could have somehow come from my laptop's wireless interface, but no... same result.

 

I join the log of my last attempt as well. It looks like it manage to connect a first time to the VPN but it mess up after. Also it looks like the FortiClient update encounter some issue.

Any suggestion would be more than welcomed as accessing VM with my phone is not the most efficient way to work. Thanks!

3 REPLIES 3
Christopher_McMullan

In the attached debug, I notice this in the HTML sent to the client:

"FortiToken clock drift detected. Please input the next code and continue."

 

Are you using FortiTokens for any of your connections or authentication through the firewall?

Regards, Chris McMullan Fortinet Ottawa

Archaneos
New Contributor

Not as far as I know. I have just installed the client, configure the settings of the connection (ip, port, login), and try to connect. Is there a way to check the FortiTokens which could give you more information ?

Christopher_McMullan

It'd be a setting under the user account you used to connect, if that's really the issue. It could be something else, this is just what I picked up on when reviewing the output you attached.

 

Enter 'show user local <username>', where <username> is the account you used to connect.

 

Otherwise, you could create a new local user from scratch, and add them to the existing group(s) allowed VPN access and test again.

Regards, Chris McMullan Fortinet Ottawa

Labels
Top Kudoed Authors