forticlient for linux - invalid option -- 'P'

arw357 · ‎07-29-2024

I've just installed FortiClient VPN the .deb package from here https://www.fortinet.com/support/product-downloads .

installed with `sudo dpkg -i ...`

Setupd the configuration ( as I have on my windows pc and on my android )

when I try to connect I get the following in the journal:

iul 29 14:23:43 station1 kernel: iked[283119]: segfault at 28 ip 000000000045195d sp 00007ffe2a7e6900 error 4 in iked[400000+891000]
iul 29 14:23:43 station1 kernel: Code: 4c 89 e5 48 89 44 24 38 48 8d 84 24 88 00 00 00 45 89 d4 45 89 de 48 89 44 24 50 48 8b 45 00 45 89 f5 31 ff 31 db 4a 8b 0c e8 <8b> 51 28 85 d2 74 42 48 8b 71 20 8d 7a ff 31 db 48 8d 46 08 4c 8d
iul 29 14:23:43 station1 fctsched[283131]: /opt/forticlient/iked: invalid option -- 'P'
iul 29 14:23:43 station1 regolith.desktop[281914]: 14:23:43.573 › VpnHandler UNHANDLED {"isTrusted":true}
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus
iul 29 14:23:43 station1 fctsched[283131]: DBUS_SESSION_BUS_ADDRESS=unix:path=/run/user/1000/bus

AEK · ‎08-05-2024

Furthermore there is no "P" option in "iked" command. So I guess it is a bug in this new release.

$ sudo /opt/forticlient/iked -- 'P'
[sudo] password for b52: 
Usage:
vpn {--server=server} [--user=username] [--password] [--cert-path=certificate_path] [--cert-passwd]
vpn {-s server} [-u username] [-p] [-c certificate_path] [-k]

Options:
-h --help Show the help screen.
-s --server Remote URL (example: "vpn.example.com:8443/demo").
-u --user Username.
-p --password User password. No argument, VPN will prompts for one.
-c --cert-path Certificate URL (example: "/home/user/cert.p12").
-k --cert-passwd Certificate password. No argument, VPN will prompts for one.
-l --cert-label Certificate label for smartcard. Default is first cert in smart card.

Examples:
vpn -s server -u username -p
vpn --server=server --user=username --password
vpn --server=server --user=username --password --cert-path=certificate_path --cert-passwd
vpn --server=server --cert-path=certificate_path --cert-passwd

AEK

sw2090 · ‎08-05-2024

does this version support ipsec in linux? All FortiClient linux versions I knew only supported ssl vpn but no ipsec.

--

"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams

AEK · ‎08-05-2024

Yes it does. IPsec has been introduced in 7.4.0.

AEK

MZBZ · ‎08-22-2024

1. FortiClient for Linux only supports IKEv2 (starting from version 7.2.4):

FortiClient standalone and licensed version feature comparison | FortiClient 7.2.4 | Fortinet Docume...

2. The profile must be pushed from EMS to work. Locally created VPN profiles (personal VPN) do not work as of now. The error /opt/forticlient/iked: invalid option -- 'P' is due to this.

M. B.

nbianchi · ‎09-25-2024

Hi,

any idea of when the issue will be fixed.
I'm using forticlient_vpn_7.4.0.1636_amd64.deb on ubuntu 24.04 and I'm facing the same issue described here.

Cheers,
Nicola

MZBZ · ‎09-27-2024

You must use FortiClient EMS server to push IPsec IKEv2 remote access profiles to the Linux endpoint.

M. B.

forticlient for linux - invalid option -- 'P'

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website