Hello,
Since updating iPhone iOS from the last version 16 to the current 17.0.1, connecting via FortiClientVPN is no longer possible. The Azure SAML authentication takes place, but it stops at "Connection".
FortiClient VPN 7.2.2.0116
Fortigate 7.2.5 build1517
Can anyone here report the same problem?
Problem finally solved by Miguel Cifuentes | TAC Engineer after adjusting:
    config vpn ssl settings
        set dtls-tunnel disable
    end
But the question is: will this open any security issues?
Hi @PBalochini,
No, dtls-tunnel uses UDP instead of TCP to improve performance. Disabling it will not pose any security risk.
Regards,
Hi,
I'm having the same issue. I have tried to disable DTLS on the FortiGate side and the connection succeeds.
Do you have the same behaviour?
Hi @Support125
This is the same behavior that we observed for users in this thread, where iOS users with FortiClientVPN 7.2.2.0116 are connecting to Azure SAML.
Hi,
I observed the same issue. By disabling DTLS on the FortiGate side, the SSL VPN connection (SAML Azure AD + conditional access) succeeds.
Can you confirm that point on your side?
Hi @Support125
This is the same behavior that we observed for users in this thread, where iOS users with FortiClientVPN 7.2.2.0116 are connecting to Azure SAML. Do keep an eye on whether this has been fixed in a future release, where you will be able to re-enable DTLS on FortiGate once again.
We got it working by disabling DTLS in the FortiGate settings.
Fortinet is working on an update that fixes the issue.
Hi.
Can someone with DTLS disabled confirm if VNC connections from iOS work?
We are having issues connecting VNC through the SSL tunnel.
We have observed that VNC works fine if we disable SAML and enable DTLS, but it does not work with DTLS disabled. Using FortiClient EMS (workaround) with DTLS and SAML enabled, VNC does not work.
I'm trying to confirm if this is related to the discussed issue.
Hi @jhe
Your issue sounds different from this. If you are able to connect to SSLVPN but fail to access VNC after getting connected, the symptoms are different. I'd suggest that you create a support ticket for our team member to further assist you on this.
I can confirm VNC works; it's going to be something else.