I've just installed FortiClient VPN the .deb package from here https://www.fortinet.com/support/product-downloads .
installed with `sudo dpkg -i ...`
Setupd the configuration ( as I have on my windows pc and on my android )
when I try to connect I get the following in the journal:
iul 29 14:23:43 station1 kernel: iked[283119]: segfault at 28 ip 000000000045195d sp 00007ffe2a7e6900 error 4 in iked[400000+891000]
iul 29 14:23:43 station1 kernel: Code: 4c 89 e5 48 89 44 24 38 48 8d 84 24 88 00 00 00 45 89 d4 45 89 de 48 89 44 24 50 48 8b 45 00 45 89 f5 31 ff 31 db 4a 8b 0c e8 <8b> 51 28 85 d2 74 42 48 8b 71 20 8d 7a ff 31 db 48 8d 46 08 4c 8d
iul 29 14:23:43 station1 fctsched[283131]: /opt/forticlient/iked: invalid option -- 'P'
iul 29 14:23:43 station1 regolith.desktop[281914]: 14:23:43.573 › VpnHandler UNHANDLED {"isTrusted":true}
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
Furthermore there is no "P" option in "iked" command. So I guess it is a bug in this new release.
$ sudo /opt/forticlient/iked -- 'P'
[sudo] password for b52:
Usage:
vpn {--server=server} [--user=username] [--password] [--cert-path=certificate_path] [--cert-passwd]
vpn {-s server} [-u username] [-p] [-c certificate_path] [-k]
Options:
-h --help Show the help screen.
-s --server Remote URL (example: "vpn.example.com:8443/demo").
-u --user Username.
-p --password User password. No argument, VPN will prompts for one.
-c --cert-path Certificate URL (example: "/home/user/cert.p12").
-k --cert-passwd Certificate password. No argument, VPN will prompts for one.
-l --cert-label Certificate label for smartcard. Default is first cert in smart card.
Examples:
vpn -s server -u username -p
vpn --server=server --user=username --password
vpn --server=server --user=username --password --cert-path=certificate_path --cert-passwd
vpn --server=server --cert-path=certificate_path --cert-passwd
does this version support ipsec in linux? All FortiClient linux versions I knew only supported ssl vpn but no ipsec.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Yes it does. IPsec has been introduced in 7.4.0.
1. FortiClient for Linux only supports IKEv2 (starting from version 7.2.4):
2. The profile must be pushed from EMS to work. Locally created VPN profiles (personal VPN) do not work as of now. The error /opt/forticlient/iked: invalid option -- 'P' is due to this.
Hi,
any idea of when the issue will be fixed.
I'm using forticlient_vpn_7.4.0.1636_amd64.deb on ubuntu 24.04 and I'm facing the same issue described here.
Cheers,
Nicola
You must use FortiClient EMS server to push IPsec IKEv2 remote access profiles to the Linux endpoint.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.