I've just installed FortiClient VPN the .deb package from here https://www.fortinet.com/support/product-downloads .
installed with `sudo dpkg -i ...`
Setupd the configuration ( as I have on my windows pc and on my android )
when I try to connect I get the following in the journal:
iul 29 14:23:43 station1 kernel: iked[283119]: segfault at 28 ip 000000000045195d sp 00007ffe2a7e6900 error 4 in iked[400000+891000]
iul 29 14:23:43 station1 kernel: Code: 4c 89 e5 48 89 44 24 38 48 8d 84 24 88 00 00 00 45 89 d4 45 89 de 48 89 44 24 50 48 8b 45 00 45 89 f5 31 ff 31 db 4a 8b 0c e8 <8b> 51 28 85 d2 74 42 48 8b 71 20 8d 7a ff 31 db 48 8d 46 08 4c 8d
iul 29 14:23:43 station1 fctsched[283131]: /opt/forticlient/iked: invalid option -- 'P'
iul 29 14:23:43 station1 regolith.desktop[281914]: 14:23:43.573 › VpnHandler UNHANDLED {"isTrusted":true}
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
Did you copy the VPN configuration file from Windows to Linux? And does this config use IKEv1?
Know that Linux' FCT VPN supports only IKEv2, and I guess the "P" option probably stands for Peer ID when you use PSK in IKEv1.
Hello,
Thank you for the reply.
The configuration is not a copy of a file.
The configuration is choosing ipsec VPN,IP of remote gateway, then using PSK for Authentication Method, then a username and password.
So - I understand that if I choose PSK then automatically I have IKEv1 ?
Sorry for the mistake, after double check the peer ID can also be specified for IKEv2.
And no, PSK is not only for IKEv1, but for v2 as well.
Please share your VPN config in Linux and FortiClient VPN version. You can hide the sensitive information (IP and so).
here you go:
Created on 08-02-2024 05:14 AM Edited on 08-02-2024 05:16 AM
<?xml version="1.0" encoding="UTF-8"?>
<forticlient_configuration authentication="xxxx">
<forticlient_version>7.0.7.0246</forticlient_version>
<version>7.0.7</version>
<date>2019/05/13</date>
<partial_configuration>0</partial_configuration>
<os_version>Linux</os_version>
<system>
<ui>
<disable_backup>0</disable_backup>
<ads>0</ads>
<default_tab>COMP</default_tab>
<flashing_system_tray_icon>1</flashing_system_tray_icon>
<hide_system_tray_icon>0</hide_system_tray_icon>
<show_host_tag>0</show_host_tag>
<suppress_admin_prompt>0</suppress_admin_prompt>
<password />
<culture_code>os-default</culture_code>
<gpu_rendering>0</gpu_rendering>
<hide_user_info>0</hide_user_info>
<lock />
<replacement_messages>
<quarantine>
<title>
<title />
</title>
<statement>
<remediation />
</statement>
<remediation>
<remediation />
</remediation>
</quarantine>
</replacement_messages>
<allow_shutdown_when_registered>0</allow_shutdown_when_registered>
</ui>
<log_settings>
<onnet_local_logging>1</onnet_local_logging>
<level>6</level>
<log_events>ipsecvpn,sslvpn,scheduler,firewall,proxy,shield,webfilter,endpoint,fssoma,configd,vuln,sandboxing,av,update</log_events>
<remote_logging>
<log_upload_enabled>0</log_upload_enabled>
<log_upload_server />
<log_upload_ssl_enabled>1</log_upload_ssl_enabled>
<log_retention_days>90</log_retention_days>
<log_upload_freq_minutes>60</log_upload_freq_minutes>
<log_generation_timeout_secs>900</log_generation_timeout_secs>
<netlog_categories>7</netlog_categories>
<send_os_events>
<enabled>0</enabled>
<interval>120</interval>
</send_os_events>
</remote_logging>
</log_settings>
<proxy>
<update>0</update>
<online_scep>0</online_scep>
<virus_submission>0</virus_submission>
<type>http</type>
<address />
<port>80</port>
<username />
<password />
<fail_over_to_fdn>0</fail_over_to_fdn>
</proxy>
<update>
<use_custom_server>0</use_custom_server>
<server />
<port>80</port>
<timeout>60</timeout>
<failoverport>8000</failoverport>
<fail_over_to_fdn>1</fail_over_to_fdn>
<use_proxy_when_fail_over_to_fdn>1</use_proxy_when_fail_over_to_fdn>
<auto_patch>0</auto_patch>
<submit_virus_info_to_fds>1</submit_virus_info_to_fds>
<update_action>notify_only</update_action>
<restrict_services_to_regions />
<use_legacy_fdn>1</use_legacy_fdn>
<ocsp_mode>1</ocsp_mode>
<scheduled_update>
<enabled>1</enabled>
<type>interval</type>
<daily_at>01:22</daily_at>
<update_interval_in_hours>1</update_interval_in_hours>
</scheduled_update>
</update>
<fortiproxy>
<enabled>1</enabled>
<enable_https_proxy>1</enable_https_proxy>
<http_timeout>60</http_timeout>
<client_comforting>
<pop3_client>1</pop3_client>
<pop3_server>1</pop3_server>
<smtp>1</smtp>
</client_comforting>
<selftest>
<enabled>1</enabled>
<last_port>65535</last_port>
<notify>1</notify>
</selftest>
</fortiproxy>
<certificates>
<ca />
</certificates>
<user_identity>
<enable_manually_entering>1</enable_manually_entering>
<enable_linkedin>1</enable_linkedin>
<enable_google>1</enable_google>
<enable_salesforce>1</enable_salesforce>
<notify_user>0</notify_user>
</user_identity>
</system>
<endpoint_control>
<enabled>1</enabled>
<socket_connect_timeouts>1:5</socket_connect_timeouts>
<disable_unregister>0</disable_unregister>
<disable_fgt_switch>0</disable_fgt_switch>
<show_bubble_notifications>1</show_bubble_notifications>
<silent_registration>0</silent_registration>
<notify_fgt_on_logoff>1</notify_fgt_on_logoff>
<avatar_enabled>1</avatar_enabled>
<send_software_inventory>0</send_software_inventory>
<ui>
<display_antivirus>1</display_antivirus>
<display_webfilter>1</display_webfilter>
<display_firewall>1</display_firewall>
<display_vpn>1</display_vpn>
<display_vulnerability_scan>1</display_vulnerability_scan>
<display_sandbox>1</display_sandbox>
<display_compliance>1</display_compliance>
<display_ztna>0</display_ztna>
<hide_compliance_warning>0</hide_compliance_warning>
</ui>
<forticloud>
<server />
<invitation_code />
</forticloud>
<invalid_cert_action>warn</invalid_cert_action>
<enable_dns_cache>0</enable_dns_cache>
</endpoint_control>
<antivirus>
<enabled>1</enabled>
<signature_expired_notification>0</signature_expired_notification>
<scan_on_insertion>0</scan_on_insertion>
<shell_integration>1</shell_integration>
<antirootkit>4294967295</antirootkit>
<fortiguard_analytics>1</fortiguard_analytics>
<multi_process_limit>1</multi_process_limit>
<block_removable_media>0</block_removable_media>
<on_demand_scanning>
<use_extreme_db>1</use_extreme_db>
<on_virus_found>4</on_virus_found>
<pause_on_battery_power>1</pause_on_battery_power>
<signature_load_memory_threshold>8</signature_load_memory_threshold>
<automatic_virus_submission>
<enabled>0</enabled>
<smtp_server>fortinetvirussubmit.com</smtp_server>
<username></username>
<password></password>
</automatic_virus_submission>
<compressed_files>
<scan>1</scan>
<maxsize>0</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>3</level>
<action>2</action>
</heuristic_scanning>
<exclusions>
<file_types>
<extensions />
</file_types>
</exclusions>
</on_demand_scanning>
<real_time_protection>
<enabled>1</enabled>
<use_extreme_db>0</use_extreme_db>
<when>0</when>
<ignore_system_when>2</ignore_system_when>
<on_virus_found>5</on_virus_found>
<popup_alerts>1</popup_alerts>
<popup_registry_alerts>0</popup_registry_alerts>
<bypass_java>0</bypass_java>
<cloud_based_detection>
<on_virus_found>4</on_virus_found>
</cloud_based_detection>
<sandboxing>
<use_sandbox_signatures>0</use_sandbox_signatures>
<sandbox_server />
</sandboxing>
<compressed_files>
<scan>1</scan>
<maxsize>10</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>0</level>
<action>3</action>
</heuristic_scanning>
<exclusions>
<file_types>
<extensions>.7z,.arj,.bzip,.bzip2,.cab,.gzip,.lzh,.msc,.rar,.tar,.tgz,.zip</extensions>
</file_types>
</exclusions>
</real_time_protection>
<email>
<smtp>1</smtp>
<pop3>1</pop3>
<outlook>1</outlook>
<wormdetection>
<enabled>0</enabled>
<action>0</action>
</wormdetection>
<heuristic_scanning>
<enabled>0</enabled>
<action>0</action>
</heuristic_scanning>
<mime_scanning>
<enabled>0</enabled>
</mime_scanning>
</email>
<quarantine>
<cullage>100</cullage>
</quarantine>
<server>
<exchange>
<integrate>0</integrate>
<action>0</action>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</exchange>
<sqlserver>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</sqlserver>
</server>
<sandboxing>
<use_sandbox_signatures>0</use_sandbox_signatures>
</sandboxing>
<scheduled_scans>
<ignore_3rd_party_av_conflicts>0</ignore_3rd_party_av_conflicts>
<scan_type>full</scan_type>
<full>
<enabled>0</enabled>
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</full>
<directory>
<enabled>0</enabled>
<directory />
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</directory>
<quick>
<enabled>0</enabled>
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</quick>
</scheduled_scans>
</antivirus>
<vulnerability_scan>
<enabled>1</enabled>
<scan_on_registration>1</scan_on_registration>
<scan_on_signature_update>1</scan_on_signature_update>
<proxy_enabled>0</proxy_enabled>
<auto_patch>
<level>high</level>
</auto_patch>
<scheduled_scans>
<schedule>
<enable_schedule>0</enable_schedule>
<repeat>1</repeat>
<day>1</day>
<time>19:30</time>
</schedule>
</scheduled_scans>
<scan_on_fgt_registration>0</scan_on_fgt_registration>
<windows_update>0</windows_update>
<exempt_manual>0</exempt_manual>
<exemptions />
<exempt_no_auto_patch>0</exempt_no_auto_patch>
</vulnerability_scan>
<sandboxing>
<enabled>0</enabled>
<address />
<response_timeout>0</response_timeout>
<when>
<executables_on_removable_media>0</executables_on_removable_media>
<executables_on_mapped_nw_drives>0</executables_on_mapped_nw_drives>
<web_downloads>0</web_downloads>
<email_downloads>0</email_downloads>
</when>
<remediation>
<action />
<on_error />
</remediation>
<exceptions>
<exclude_files_from_trusted_sources>0</exclude_files_from_trusted_sources>
<exclude_files_and_folders>0</exclude_files_and_folders>
<folders />
<files />
</exceptions>
</sandboxing>
<removable_media_access>
<enabled>0</enabled>
<show_bubble_notifications>0</show_bubble_notifications>
<action>allow</action>
</removable_media_access>
<webfilter>
<enable_https_deep_inspection>0</enable_https_deep_inspection>
<block_malicious_websites>0</block_malicious_websites>
<disable_when_managed>0</disable_when_managed>
<https_block_method>0</https_block_method>
<bypass_private_ip>0</bypass_private_ip>
<wildcard_match_root_domain>0</wildcard_match_root_domain>
<sync_with_fgt_fmg>0</sync_with_fgt_fmg>
<fgt_fmg_profile_id>0</fgt_fmg_profile_id>
<enable_filter>0</enable_filter>
<current_profile>0</current_profile>
<profiles />
</webfilter>
<vpn>
<enabled>0</enabled>
<options>
<current_connection_name />
<autoconnect_tunnel />
<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>
<keep_running_max_retries>0</keep_running_max_retries>
<allow_personal_vpns>1</allow_personal_vpns>
<disable_connect_disconnect>0</disable_connect_disconnect>
<minimize_window_on_connect>0</minimize_window_on_connect>
<inherit_local_dns>0</inherit_local_dns>
<dns_service_resetting_interval>0</dns_service_resetting_interval>
<suppress_vpn_notification>0</suppress_vpn_notification>
</options>
<sslvpn>
<options>
<enabled>0</enabled>
<block_ipv6>0</block_ipv6>
<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
<preferred_dtls_tunnel>0</preferred_dtls_tunnel>
<prefer_sslvpn_dns>1</prefer_sslvpn_dns>
</options>
<connections />
</sslvpn>
<ipsecvpn>
<options>
<enabled>0</enabled>
</options>
<connections>
<connection>
<name>test</name>
<description />
<username></username>
<keep_running>0</keep_running>
<ui>
<show_remember_password>0</show_remember_password>
<show_alwaysup>0</show_alwaysup>
<show_autoconnect>0</show_autoconnect>
<ems_allow_show_remember_password>0</ems_allow_show_remember_password>
<ems_allow_show_alwaysup>0</ems_allow_show_alwaysup>
<ems_allow_show_autoconnect>0</ems_allow_show_autoconnect>
<save_username>1</save_username>
<save_password>0</save_password>
</ui>
<disclaimer_msg />
<redundant_sort_method>0</redundant_sort_method>
<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
<ike_settings>
<server>109</server>
<authentication_method>Preshared Key</authentication_method>
<fgt>0</fgt>
<prompt_certificate>0</prompt_certificate>
<certificate />
<sso_enabled>0</sso_enabled>
<ike_saml_port>0</ike_saml_port>
<xauth>
<use_otp>0</use_otp>
<enabled>1</enabled>
<prompt_username>0</prompt_username>
</xauth>
<version>0</version>
<key_life>0</key_life>
<localid />
<mode_config>0</mode_config>
<sase_mode>0</sase_mode>
<auth_data>
<preshared_key />
</auth_data>
<xauth_timeout>0</xauth_timeout>
<dhgroup />
<proposals />
</ike_settings>
<ipsec_settings>
<remote_networks />
<dhgroup />
<key_life_type />
<key_life_seconds>0</key_life_seconds>
<key_life_Kbytes>0</key_life_Kbytes>
<proposals />
</ipsec_settings>
</connection>
</connections>
</ipsecvpn>
</vpn>
<ztna>
<enabled>0</enabled>
<allow_personal_rules>1</allow_personal_rules>
<notify_on_error>1</notify_on_error>
<disallow_invalid_server_certificate>0</disallow_invalid_server_certificate>
<rules />
<portals_enabled>1</portals_enabled>
<portals />
<gateways_enabled>1</gateways_enabled>
<gateways />
</ztna>
</forticlient_configuration>
Created on 08-02-2024 05:44 AM Edited on 08-02-2024 05:45 AM
<?xml version="1.0" encoding="UTF-8"?>
<forticlient_configuration authentication="">
<forticlient_version>7.0.7.0246</forticlient_version>
<version>7.0.7</version>
<date>2019/05/13</date>
<partial_configuration>0</partial_configuration>
<os_version>Linux</os_version>
<system>
<ui>
<disable_backup>0</disable_backup>
<ads>0</ads>
<default_tab>COMP</default_tab>
<flashing_system_tray_icon>1</flashing_system_tray_icon>
<hide_system_tray_icon>0</hide_system_tray_icon>
<show_host_tag>0</show_host_tag>
<suppress_admin_prompt>0</suppress_admin_prompt>
<password />
<culture_code>os-default</culture_code>
<gpu_rendering>0</gpu_rendering>
<hide_user_info>0</hide_user_info>
<lock />
<replacement_messages>
<quarantine>
<title>
<title />
</title>
<statement>
<remediation />
</statement>
<remediation>
<remediation />
</remediation>
</quarantine>
</replacement_messages>
<allow_shutdown_when_registered>0</allow_shutdown_when_registered>
</ui>
<log_settings>
<onnet_local_logging>1</onnet_local_logging>
<level>6</level>
<log_events>ipsecvpn,sslvpn,scheduler,firewall,proxy,shield,webfilter,endpoint,fssoma,configd,vuln,sandboxing,av,update</log_events>
<remote_logging>
<log_upload_enabled>0</log_upload_enabled>
<log_upload_server />
<log_upload_ssl_enabled>1</log_upload_ssl_enabled>
<log_retention_days>90</log_retention_days>
<log_upload_freq_minutes>60</log_upload_freq_minutes>
<log_generation_timeout_secs>900</log_generation_timeout_secs>
<netlog_categories>7</netlog_categories>
<send_os_events>
<enabled>0</enabled>
<interval>120</interval>
</send_os_events>
</remote_logging>
</log_settings>
<proxy>
<update>0</update>
<online_scep>0</online_scep>
<virus_submission>0</virus_submission>
<type>http</type>
<address />
<port>80</port>
<username />
<password />
<fail_over_to_fdn>0</fail_over_to_fdn>
</proxy>
<update>
<use_custom_server>0</use_custom_server>
<server />
<port>80</port>
<timeout>60</timeout>
<failoverport>8000</failoverport>
<fail_over_to_fdn>1</fail_over_to_fdn>
<use_proxy_when_fail_over_to_fdn>1</use_proxy_when_fail_over_to_fdn>
<auto_patch>0</auto_patch>
<submit_virus_info_to_fds>1</submit_virus_info_to_fds>
<update_action>notify_only</update_action>
<restrict_services_to_regions />
<use_legacy_fdn>1</use_legacy_fdn>
<ocsp_mode>1</ocsp_mode>
<scheduled_update>
<enabled>1</enabled>
<type>interval</type>
<daily_at>01:22</daily_at>
<update_interval_in_hours>1</update_interval_in_hours>
</scheduled_update>
</update>
<fortiproxy>
<enabled>1</enabled>
<enable_https_proxy>1</enable_https_proxy>
<http_timeout>60</http_timeout>
<client_comforting>
<pop3_client>1</pop3_client>
<pop3_server>1</pop3_server>
<smtp>1</smtp>
</client_comforting>
<selftest>
<enabled>1</enabled>
<last_port>65535</last_port>
<notify>1</notify>
</selftest>
</fortiproxy>
<certificates>
<ca />
</certificates>
<user_identity>
<enable_manually_entering>1</enable_manually_entering>
<enable_linkedin>1</enable_linkedin>
<enable_google>1</enable_google>
<enable_salesforce>1</enable_salesforce>
<notify_user>0</notify_user>
</user_identity>
</system>
<endpoint_control>
<enabled>1</enabled>
<socket_connect_timeouts>1:5</socket_connect_timeouts>
<disable_unregister>0</disable_unregister>
<disable_fgt_switch>0</disable_fgt_switch>
<show_bubble_notifications>1</show_bubble_notifications>
<silent_registration>0</silent_registration>
<notify_fgt_on_logoff>1</notify_fgt_on_logoff>
<avatar_enabled>1</avatar_enabled>
<send_software_inventory>0</send_software_inventory>
<ui>
<display_antivirus>1</display_antivirus>
<display_webfilter>1</display_webfilter>
<display_firewall>1</display_firewall>
<display_vpn>1</display_vpn>
<display_vulnerability_scan>1</display_vulnerability_scan>
<display_sandbox>1</display_sandbox>
<display_compliance>1</display_compliance>
<display_ztna>0</display_ztna>
<hide_compliance_warning>0</hide_compliance_warning>
</ui>
<forticloud>
<server />
<invitation_code />
</forticloud>
<invalid_cert_action>warn</invalid_cert_action>
<enable_dns_cache>0</enable_dns_cache>
</endpoint_control>
<antivirus>
<enabled>1</enabled>
<signature_expired_notification>0</signature_expired_notification>
<scan_on_insertion>0</scan_on_insertion>
<shell_integration>1</shell_integration>
<antirootkit>4294967295</antirootkit>
<fortiguard_analytics>1</fortiguard_analytics>
<multi_process_limit>1</multi_process_limit>
<block_removable_media>0</block_removable_media>
<on_demand_scanning>
<use_extreme_db>1</use_extreme_db>
<on_virus_found>4</on_virus_found>
<pause_on_battery_power>1</pause_on_battery_power>
<signature_load_memory_threshold>8</signature_load_memory_threshold>
<automatic_virus_submission>
<enabled>0</enabled>
<smtp_server>fortinetvirussubmit.com</smtp_server>
<username></username>
<password></password>
</automatic_virus_submission>
<compressed_files>
<scan>1</scan>
<maxsize>0</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>3</level>
<action>2</action>
</heuristic_scanning>
<exclusions>
<file_types>
<extensions />
</file_types>
</exclusions>
</on_demand_scanning>
<real_time_protection>
<enabled>1</enabled>
<use_extreme_db>0</use_extreme_db>
<when>0</when>
<ignore_system_when>2</ignore_system_when>
<on_virus_found>5</on_virus_found>
<popup_alerts>1</popup_alerts>
<popup_registry_alerts>0</popup_registry_alerts>
<bypass_java>0</bypass_java>
<cloud_based_detection>
<on_virus_found>4</on_virus_found>
</cloud_based_detection>
<sandboxing>
<use_sandbox_signatures>0</use_sandbox_signatures>
<sandbox_server />
</sandboxing>
<compressed_files>
<scan>1</scan>
<maxsize>10</maxsize>
</compressed_files>
<riskware>
<enabled>1</enabled>
</riskware>
<adware>
<enabled>1</enabled>
</adware>
<heuristic_scanning>
<level>0</level>
<action>3</action>
</heuristic_scanning>
<exclusions>
<file_types>
<extensions>.7z,.arj,.bzip,.bzip2,.cab,.gzip,.lzh,.msc,.rar,.tar,.tgz,.zip</extensions>
</file_types>
</exclusions>
</real_time_protection>
<email>
<smtp>1</smtp>
<pop3>1</pop3>
<outlook>1</outlook>
<wormdetection>
<enabled>0</enabled>
<action>0</action>
</wormdetection>
<heuristic_scanning>
<enabled>0</enabled>
<action>0</action>
</heuristic_scanning>
<mime_scanning>
<enabled>0</enabled>
</mime_scanning>
</email>
<quarantine>
<cullage>100</cullage>
</quarantine>
<server>
<exchange>
<integrate>0</integrate>
<action>0</action>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</exchange>
<sqlserver>
<excludefilesystemfromscanning>0</excludefilesystemfromscanning>
<excludefileextensionsfromscanning>0</excludefileextensionsfromscanning>
</sqlserver>
</server>
<sandboxing>
<use_sandbox_signatures>0</use_sandbox_signatures>
</sandboxing>
<scheduled_scans>
<ignore_3rd_party_av_conflicts>0</ignore_3rd_party_av_conflicts>
<scan_type>full</scan_type>
<full>
<enabled>0</enabled>
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</full>
<directory>
<enabled>0</enabled>
<directory />
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</directory>
<quick>
<enabled>0</enabled>
<repeat>2</repeat>
<day_of_month>1</day_of_month>
<time>12:00</time>
<removable_media>1</removable_media>
<network_drives>0</network_drives>
<priority>0</priority>
<days>7</days>
</quick>
</scheduled_scans>
</antivirus>
<vulnerability_scan>
<enabled>1</enabled>
<scan_on_registration>1</scan_on_registration>
<scan_on_signature_update>1</scan_on_signature_update>
<proxy_enabled>0</proxy_enabled>
<auto_patch>
<level>high</level>
</auto_patch>
<scheduled_scans>
<schedule>
<enable_schedule>0</enable_schedule>
<repeat>1</repeat>
<day>1</day>
<time>19:30</time>
</schedule>
</scheduled_scans>
<scan_on_fgt_registration>0</scan_on_fgt_registration>
<windows_update>0</windows_update>
<exempt_manual>0</exempt_manual>
<exemptions />
<exempt_no_auto_patch>0</exempt_no_auto_patch>
</vulnerability_scan>
<sandboxing>
<enabled>0</enabled>
<address />
<response_timeout>0</response_timeout>
<when>
<executables_on_removable_media>0</executables_on_removable_media>
<executables_on_mapped_nw_drives>0</executables_on_mapped_nw_drives>
<web_downloads>0</web_downloads>
<email_downloads>0</email_downloads>
</when>
<remediation>
<action />
<on_error />
</remediation>
<exceptions>
<exclude_files_from_trusted_sources>0</exclude_files_from_trusted_sources>
<exclude_files_and_folders>0</exclude_files_and_folders>
<folders />
<files />
</exceptions>
</sandboxing>
<removable_media_access>
<enabled>0</enabled>
<show_bubble_notifications>0</show_bubble_notifications>
<action>allow</action>
</removable_media_access>
<webfilter>
<enable_https_deep_inspection>0</enable_https_deep_inspection>
<block_malicious_websites>0</block_malicious_websites>
<disable_when_managed>0</disable_when_managed>
<https_block_method>0</https_block_method>
<bypass_private_ip>0</bypass_private_ip>
<wildcard_match_root_domain>0</wildcard_match_root_domain>
<sync_with_fgt_fmg>0</sync_with_fgt_fmg>
<fgt_fmg_profile_id>0</fgt_fmg_profile_id>
<enable_filter>0</enable_filter>
<current_profile>0</current_profile>
<profiles />
</webfilter>
<vpn>
<enabled>0</enabled>
<options>
<current_connection_name />
<autoconnect_tunnel />
<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>
<keep_running_max_retries>0</keep_running_max_retries>
<allow_personal_vpns>1</allow_personal_vpns>
<disable_connect_disconnect>0</disable_connect_disconnect>
<minimize_window_on_connect>0</minimize_window_on_connect>
<inherit_local_dns>0</inherit_local_dns>
<dns_service_resetting_interval>0</dns_service_resetting_interval>
<suppress_vpn_notification>0</suppress_vpn_notification>
</options>
<sslvpn>
<options>
<enabled>0</enabled>
<block_ipv6>0</block_ipv6>
<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
<preferred_dtls_tunnel>0</preferred_dtls_tunnel>
<prefer_sslvpn_dns>1</prefer_sslvpn_dns>
</options>
<connections />
</sslvpn>
<ipsecvpn>
<options>
<enabled>0</enabled>
</options>
<connections>
<connection>
<name>test</name>
<description />
<username></username>
<keep_running>0</keep_running>
<ui>
<show_remember_password>0</show_remember_password>
<show_alwaysup>0</show_alwaysup>
<show_autoconnect>0</show_autoconnect>
<ems_allow_show_remember_password>0</ems_allow_show_remember_password>
<ems_allow_show_alwaysup>0</ems_allow_show_alwaysup>
<ems_allow_show_autoconnect>0</ems_allow_show_autoconnect>
<save_username>1</save_username>
<save_password>0</save_password>
</ui>
<disclaimer_msg />
<redundant_sort_method>0</redundant_sort_method>
<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
<ike_settings>
<server>109</server>
<authentication_method>Preshared Key</authentication_method>
<fgt>0</fgt>
<prompt_certificate>0</prompt_certificate>
<certificate />
<sso_enabled>0</sso_enabled>
<ike_saml_port>0</ike_saml_port>
<xauth>
<use_otp>0</use_otp>
<enabled>1</enabled>
<prompt_username>0</prompt_username>
</xauth>
<version>0</version>
<key_life>0</key_life>
<localid />
<mode_config>0</mode_config>
<sase_mode>0</sase_mode>
<auth_data>
<preshared_key />
</auth_data>
<xauth_timeout>0</xauth_timeout>
<dhgroup />
<proposals />
</ike_settings>
<ipsec_settings>
<remote_networks />
<dhgroup />
<key_life_type />
<key_life_seconds>0</key_life_seconds>
<key_life_Kbytes>0</key_life_Kbytes>
<proposals />
</ipsec_settings>
</connection>
</connections>
</ipsecvpn>
</vpn>
<ztna>
<enabled>0</enabled>
<allow_personal_rules>1</allow_personal_rules>
<notify_on_error>1</notify_on_error>
<disallow_invalid_server_certificate>0</disallow_invalid_server_certificate>
<rules />
<portals_enabled>1</portals_enabled>
<portals />
<gateways_enabled>1</gateways_enabled>
<gateways />
</ztna>
</forticlient_configuration>
7.0.7 is your FCT version?
Hello,
Apologies but I am unsure of what is FCT.
The forticlient.deb package that I downloaded is forticlient_vpn_7.4.0.1636_amd64.deb . You can see also in the print screen and below.
forticlient version
FortiClient Version: 7.4.0.1636
FortiClient Serial: FCT8004081746744
FortiClient UID: 25EEA27A1C964783B2682C9A9DB2F9EF
=====================================
Engines
=====================================
AntiVirus: 0.00000
Vulnerability: 0.00000
=====================================
Signatures
=====================================
AntiVirus: 1.00000
AntiVirus Extended: Unavailable
Vulnerability: 0.00000
Sandbox: Unavailable
ICDB: 0.00000
Now - the XML that I attached previously is exported through the interface that I printscreened above ( so the version of the interface states 7.4.0). I chose the functionality to backup the configuration. I see in the configuration that I sent that there is a 7.0.7 but I am not aware where that came from. Meaning - I do not know what is the package that wrote that information.
This is the part of the xml that you asked your question about I guess:
<forticlient_version>7.0.7.0246</forticlient_version>
<version>7.0.7</version>
<date>2019/05/13</date>
This is a list of packages that are installed on my laptop that contain `forti:
dpkg --list | grep forti
ii forticlient 7.4.0.1636 amd64 FortiClient, now available on Linux, is an endpoint protection application that runs on Microsoft Windows, Mac OS X, iOS and Android. It is backed by antivirus engine and signatures from the well-known FortiGuard labs - www.fortiguard.com. FortiClient on Windows has won various third-party awards, such as from VB100, AV Comparatives and NSS.
ii network-manager-fortisslvpn 1.2.10-0ubuntu3 amd64 network management framework (Fortinet SSLVPN plugin core)
ii network-manager-fortisslvpn-gnome 1.2.10-0ubuntu3 amd64 network management framework (Fortinet SSLVPN plugin GNOME GUI)
ii openfortivpn 1.17.1-1build1 amd64 Fortinet client for PPP+SSL VPN tunnel services
From my pov I would say that the version is 7.4.0.1636 but the configuration says otherwise.
First time I installed 7.4.0 and tested IPsec, which is new feature in FortiClient VPN.
I got messages similar to yours.
Aug 4 16:06:29 mint2x kernel: [12765.747042] iked[113142]: segfault at 28 ip 000000000045195d sp 00007ffe02d536c0 error 4 in iked[400000+891000]
Aug 4 16:06:29 mint2x kernel: [12765.747080] Code: 4c 89 e5 48 89 44 24 38 48 8d 84 24 88 00 00 00 45 89 d4 45 89 de 48 89 44 24 50 48 8b 45 00 45 89 f5 31 ff 31 db 4a 8b 0c e8 <8b> 51 28 85 d2 74 42 48 8b 71 20 8d 7a ff 31 db 48 8d 46
08 4c 8d
Aug 4 16:06:29 mint2x fctsched[113171]: /opt/forticlient/iked: invalid option -- 'P'
Aug 4 16:06:29 mint2x systemd[1]: Started Process Core Dump (PID 113172/UID 0).
Aug 4 16:06:30 mint2x systemd-coredump[113180]: Process 113142 (iked) of user 0 dumped core.#012#012Found module linux-vdso.so.1 with build-id: cf68e5b0f4f33dfabf8969700b3530541157a487#012Found module legacy.so with build-id: 548117307
2312942cc5cfa6eef15eaa59463d352#012Found module libpcre2-8.so.0 with build-id: 184a841c55fb7fe5e3873fcda8368c71016cd54c#012Found module libblkid.so.1 with build-id: ecc1dfaec3a7241b41b76c3590fa135fb3c8ddfa#012Found module libgpg-error.s
o.0 with build-id: 3fbec71c67bee60d8aef00697ee187079b0fb307#012Found module libffi.so.8 with build-id: 59c2a6b204f74f358ca7711d2dfd349d88711f6a#012Found module libselinux.so.1 with build-id: 6fa53202ce676297de24873c886443b2759bfd8a#012F
ound module libmount.so.1 with build-id: a339abbcd0eb8dadcbd09c372ffac2f0eb31eeaa#012Found module libz.so.1 with build-id: 30840b79ac329ecbf1dec0bb60180eed256d319f#012Found module libgmodule-2.0.so.0 with build-id: 4663e16af8ee20469e2ed
5937b1aeb3b50df0af1#012Found module libpcre.so.3 with build-id: 3982f316c887e3ad9598015fa5bae8557320476a#012Found module libgcrypt.so.20 with build-id: 60a5e524de0ed8323edf33e9eb9127a9eee02359#012Found module libgobject-2.0.so.0 with bu
ild-id: 9e8e57082c3651843713c59ecf2976863d6d1dcd#012Found module libgio-2.0.so.0 with build-id: 9fc3ec50ff6302f82ac43f1b28e67909662dc914#012Found module ld-linux-x86-64.so.2 with build-id: 4186944c50f8a32b47d74931e3f512b811813b64#012Fou
nd module libc.so.6 with build-id: 490fef8403240c91833978d494d39e537409b92e#012Found module libgcc_s.so.1 with build-id: e3a44e0da9c6e835d293ed8fd2882b4c4a87130c#012Found module libm.so.6 with build-id: a508ec5d8bf12fb7fd08204e0f87518e5
cd0b102#012Found module libstdc++.so.6 with build-id: e37fe1a879783838de78cbc8c80621fa685d58a2#012Found module libpthread.so.0 with build-id: 81f46d553e2f7c999e43c3eede73a822bc8d5d93#012Found module libuuid.so.1 with build-id: 2ad45e51f
4ac4fc8b5f4ef938a18ca8e0a05e4af#012Found module libdl.so.2 with build-id: 6f6fe1a24b7b981e11c9a3373b806d3496d4d9d4#012Found module libanl.so.1 with build-id: 4e62fff617d96dbe405bcc86c5871aa845856c57#012Found module libglib-2.0.so.0 with
build-id: 224ac2a88b72bc8e2fe8566ee28fae789fc69241#012Found module libsecret-1.so.0 with build-id: f1bc90f2861b0a48efde601947460df81f47597b#012Found module iked with build-id: f4ecc871b89481e3cf8ffc0a247257dcfcef3414#012Stack trace of
thread 113142:#012#0 0x000000000045195d n/a (iked + 0x5195d)#012#1 0x0000000000453a88 n/a (iked + 0x53a88)#012#2 0x0000000000454f7b n/a (iked + 0x54f7b)#012#3 0x000000000042850a n/a (iked + 0x2850a)#012#4 0x0000000000414b52 n/a (ik
ed + 0x14b52)#012#5 0x00007f2512344d90 __libc_start_call_main (libc.so.6 + 0x29d90)#012#6 0x00007f2512344e40 __libc_start_main_impl (libc.so.6 + 0x29e40)#012#7 0x0000000000419779 n/a (iked + 0x19779)#012#012Stack trace of thread 1131
49:#012#0 0x00007f2512433bcf __GI___poll (libc.so.6 + 0x118bcf)#012#1 0x00007f251293c256 n/a (libglib-2.0.so.0 + 0xab256)#012#2 0x00007f25128e43e3 g_main_context_iteration (libglib-2.0.so.0 + 0x533e3)#012#3 0x00007f25128e4431 n/a (l
ibglib-2.0.so.0 + 0x53431)#012#4 0x00007f2512915ab1 n/a (libglib-2.0.so.0 + 0x84ab1)#012#5 0x00007f25123afac3 start_thread (libc.so.6 + 0x94ac3)#012#6 0x00007f2512441850 __clone3 (libc.so.6 + 0x126850)#012#012Stack trace of thread 11
3150:#012#0 0x00007f251243988d syscall (libc.so.6 + 0x11e88d)#012#1 0x00007f25129360ac g_cond_wait_until (libglib-2.0.so.0 + 0xa50ac)#012#2 0x00007f25128b63e1 n/a (libglib-2.0.so.0 + 0x253e1)#012#3 0x00007f251291886a n/a (libglib-2.
0.so.0 + 0x8786a)#012#4 0x00007f2512915ab1 n/a (libglib-2.0.so.0 + 0x84ab1)#012#5 0x00007f25123afac3 start_thread (libc.so.6 + 0x94ac3)#012#6 0x00007f2512441850 __clone3 (libc.so.6 + 0x126850)#012#012Stack trace of thread 113151:#012
#0 0x00007f2512433bcf __GI___poll (libc.so.6 + 0x118bcf)#012#1 0x00007f251293c256 n/a (libglib-2.0.so.0 + 0xab256)#012#2 0x00007f25128e62b3 g_main_loop_run (libglib-2.0.so.0 + 0x552b3)#012#3 0x00007f251225681a n/a (libgio-2.0.so.0 +
0x11581a)#012#4 0x00007f2512915ab1 n/a (libglib-2.0.so.0 + 0x84ab1)#012#5 0x00007f25123afac3 start_thread (libc.so.6 + 0x94ac3)#012#6 0x00007f2512441850 __clone3 (libc.so.6 + 0x126850)
Aug 4 16:06:30 mint2x fctsched[113171]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
Aug 4 16:06:30 mint2x fctsched[113171]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
Aug 4 16:06:30 mint2x systemd[1]: systemd-coredump@3-113172-0.service: Deactivated successfully.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.