Re: FortiClient VPN stops at 48% with warning -720...

sidp · 06-27-2024

Hi,Our users keep having problems logging in with Forticlient VPN only.It happens very often that Forticlient stops at 48% and issues the warning -7200. Sometimes you have to repeat the login process 3-7 times and then the client asks for the Fortito...

sidp · 06-28-2023

I need help with configuring redundant IPsec tunnels. The peer firewall has 2 public IP addresses. When the primary ISP is offline, the firewall routes everything through the backup ISP, which is working fine so far. On our Fortigate, I have configur...

sidp · 01-18-2023

I found the following article about ospf inter-area distribution.https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-OSPF-to-filter-Inter-Area-routes-using/ta-p/197747https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configu...

sidp · 01-13-2023

Since I come frome cisco, the way I have to configure NAT in Fortigate is new to me. I have a working configuration but some settings don't make sense to me... public ip range: 1.2.3.32/27Fortigate public ip: 1.2.3.36dmz interface: 10.9.11.1/24webser...

sidp · 01-09-2023

I configured a ikev1 tunnel between Cisco IOS and Fortigate.The tunnel comes up but communication only works after a client of the remote site (cisco) initiated some traffic.As you can see in the Fortigate capture, the packet to 10.183.2.1 is sent in...

sidp · 07-07-2024

Hi @fricci_FTNT Unfortunately the problem has occurred again... I was able to capture the debug log again. Spoiler (Highlight to read)FW01 # diagnose test application fnbamd 1 Total fnbam requests in caller side: 253137; EAGAIN errors: 0; other error...

sidp · 07-01-2024

Hi @fricci_FTNT 83.13x.yx.xy is the public ISP DNS and 10.1.1.12 is our internal DNS from active directory (LDAP Server). FW01 # show system dnsconfig system dnsset primary 83.13x.yx.xyset secondary 10.1.1.12set domain "mts.local" "mlab.local"endFW01...

sidp · 06-28-2024

Hi @fricci_FTNT Thank you so far.I changed it to IP for the moment and will check if it still occurs.Our internal DNS is set as secondary and primary is our ISP. I read somewhere that the internal DNS has to be configured as secondary for internal qu...

sidp · 06-28-2024

Okay, I encountered the problem again and was able to capture the debug log. Spoiler (Highlight to read)=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2024.06.28 11:43:52 =~=~=~=~=~=~=~=~=~=~=~=FW01 # diagnose test application fnbamd 1 Total fnbam requests in cal...

sidp · 06-27-2024

Hi fricci_FTNT, I will test it but it may take some time since the error does not always occur and I do not know how to provoke it. Br

User Statistics

User Activity

FortiClient VPN stops at 48% with warning -7200

Redundant IPsec tunnel stays up even if peer is offline

Fortigate OSPF stop inter-area distribution

Weird behavior central SNAT / DNAT VIP

Communication issues - ikev1 vpn Fortigate <-> Cisco IOS Router