This article describes how to rectify the 'failed to establish the VPN connection', '5029 error'.
While connecting the FortiClient, the following error may appear.
If all step here has been followed by still getting the same error to connect, make sure to check the server certificate are set and not empty. This can be verified under SSL-VPN Setting -> Server.
Certificate: change it accordingly.
After the certificate has been set, it will be possible to connect to SSL-VPN.
Another possible reason for this error if the above steps did not help is if FortiGate uses a self-signed certificate as an SSL VPN server certificate and there is another firewall in between which performs certificate inspection.
In the following packet capture, the client sent an alert (Level: Fatal, Description: Illegal Parameter) after the 'Certificate, Server key Exchange, Server Hello Done'.
The solution is to either: