Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Jack_T
New Contributor

Forticlient SSL VPN not working on Ubuntu

Hi all,

I've installed the last version of Forticlient (7.0.0.0018) on my Ubuntu virtual machine (version 20.04.3)

 

I've setup a SSL VPN, but it's not working, I've receive two errors:

[ul]
  • [sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout
  • [sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel[/ul]

    With the same credetials and settings I'm able to connect on a Windows machine

     

    Anyone have encountered these errors? How can I fix the connection?

     

    Thanks in advance,

    Jack

  • 2 Solutions
    boheee
    New Contributor

    Hi, I am having the same issue as well. Updated my fortigate to latest version and still unable to connect using Forticlient 7.0.1/ 6.4.4. The only way to connect in is to use openFortiGUI (https://hadler.me/linux/openfortigui/)...

    However, I still wish to use official forticlient and so far it is not working. I have tried contacting support but they said it's my network/configuration setting.

    I started a whole new VM of fortigate with no configs, only a SSL VPN setup and was also unable to connect in via forticlient.

     

    ```

    20210929 22:29:30.101 [sslvpn:INFO] main:1412 Init 20210929 22:29:30.101 [sslvpn:INFO] main:370 Load profile: abcdefg.com 20210929 22:29:30.102 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:941 Load profile: abcdefg.com 20210929 22:29:30.112 [sslvpn:INFO] main:1112 State: Connecting 20210929 22:29:30.131 [sslvpn:INFO] main:1112 State: Logging in 20210929 22:29:30.131 [sslvpn:INFO] vpn_connection:1493 /remote/info 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:76 ApiEncMethod: 0 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:78 ApiRemoteAuthTimeout: 30 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:80 ApiServerSalt: 34a43608 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:81 flag: 223 20210929 22:29:30.462 [sslvpn:INFO] vpn_connection:1493 /remote/login 20210929 22:29:30.479 [sslvpn:INFO] vpn_connection:1493 /remote/logincheck 20210929 22:29:30.520 [sslvpn:INFO] sslvpn:336 Authentication passed 20210929 22:29:30.520 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn 20210929 22:29:30.539 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn_xml 20210929 22:29:30.563 [sslvpn:INFO] sslvpn:739 Login successful 20210929 22:29:30.586 [sslvpn:INFO] main:1112 State: Configuring tunnel 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel failed. 20210929 22:29:47.001 [sslvpn:INFO] vpn_connection:1493 /remote/logout 20210929 22:30:19.032 [sslvpn:INFO] sslvpn:751 Logout successful

    ```

    View solution in original post

    boheee
    New Contributor

    Hi Jack, 

     

    I am using the fortiOS from aws marketplace. Previously i was using the FortiOS v6.4.4 build1803 (ubuntu forticlients doesn't work) and i thought that it could be fortiOS. So i upgraded my fortiOS to FortiOS v7.0.1 build0157 (GA) (THIS IS THE LATEST PATCH). 

    Forticlient still does not work... 

    I actually have plans to purchase their forti-tokens to have 2FA for my forticlient but ubuntu forticlient cannot even work. I have been looking for solutions for ubuntu forticlient to get it to work but to no avail. 

    View solution in original post

    5 REPLIES 5
    boheee
    New Contributor

    Hi, I am having the same issue as well. Updated my fortigate to latest version and still unable to connect using Forticlient 7.0.1/ 6.4.4. The only way to connect in is to use openFortiGUI (https://hadler.me/linux/openfortigui/)...

    However, I still wish to use official forticlient and so far it is not working. I have tried contacting support but they said it's my network/configuration setting.

    I started a whole new VM of fortigate with no configs, only a SSL VPN setup and was also unable to connect in via forticlient.

     

    ```

    20210929 22:29:30.101 [sslvpn:INFO] main:1412 Init 20210929 22:29:30.101 [sslvpn:INFO] main:370 Load profile: abcdefg.com 20210929 22:29:30.102 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:118 Get DBUS session bus address 20210929 22:29:30.111 [sslvpn:INFO] main:941 Load profile: abcdefg.com 20210929 22:29:30.112 [sslvpn:INFO] main:1112 State: Connecting 20210929 22:29:30.131 [sslvpn:INFO] main:1112 State: Logging in 20210929 22:29:30.131 [sslvpn:INFO] vpn_connection:1493 /remote/info 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:76 ApiEncMethod: 0 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:78 ApiRemoteAuthTimeout: 30 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:80 ApiServerSalt: 34a43608 20210929 22:29:30.462 [sslvpn:INFO] sslvpn:81 flag: 223 20210929 22:29:30.462 [sslvpn:INFO] vpn_connection:1493 /remote/login 20210929 22:29:30.479 [sslvpn:INFO] vpn_connection:1493 /remote/logincheck 20210929 22:29:30.520 [sslvpn:INFO] sslvpn:336 Authentication passed 20210929 22:29:30.520 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn 20210929 22:29:30.539 [sslvpn:INFO] vpn_connection:1493 /remote/fortisslvpn_xml 20210929 22:29:30.563 [sslvpn:INFO] sslvpn:739 Login successful 20210929 22:29:30.586 [sslvpn:INFO] main:1112 State: Configuring tunnel 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:706 IO read remote failed: timeout 20210929 22:29:47.001 [sslvpn:EROR] vpn_connection:1379 Error: Disconnected because of error: Read packet from tunnel failed. 20210929 22:29:47.001 [sslvpn:INFO] vpn_connection:1493 /remote/logout 20210929 22:30:19.032 [sslvpn:INFO] sslvpn:751 Logout successful

    ```

    Jack_T
    New Contributor

    Hi boheee,

    thank for your answer

     

    I've tried openFortiGUI too and I'm able to connect to the VPN, so I think the problem is the official client

     

    Which version of FortiOS do you have? I've a Fortigate 90D with FortiOS 6.0.12

     

    Regards,

    Jack

    boheee
    New Contributor

    Hi Jack, 

     

    I am using the fortiOS from aws marketplace. Previously i was using the FortiOS v6.4.4 build1803 (ubuntu forticlients doesn't work) and i thought that it could be fortiOS. So i upgraded my fortiOS to FortiOS v7.0.1 build0157 (GA) (THIS IS THE LATEST PATCH). 

    Forticlient still does not work... 

    I actually have plans to purchase their forti-tokens to have 2FA for my forticlient but ubuntu forticlient cannot even work. I have been looking for solutions for ubuntu forticlient to get it to work but to no avail. 

    Ofeky
    New Contributor

    Any updates regarding making FortiClient VPN working on Ubuntu 20.4
    I'm having similar issue. the error I get in sslvpn.log file:


    - vpn_connection:341 Load CA certificates failed
    - vpn_connection:1133 Failed create SSL

    - dns:277 No default device found. Skip.

    - route:159 begin cleanup linux...

    - route:161 clean up route...

    - main:1457 exception: Failed create SSL
     

    Note the certificate fail, though I marked Client Certificate=None.

    Anaji
    New Contributor

    1. Open forticlient GUI.
    2. Take note of the connection name (if you didn't create it yet, create it according to the above tutorial).
    3. Open a terminal.
    4. Type "fortivpn connect CONNECTIONNAME" (replace CONNECTIONNAME with the name of the connection you created earlier).
    5. You will see a prompt, press "y" (this certificate is what's causing the issue in the GUI).You will receive a push notification on the app, approve it.
    6. You can check the connection by typing "fortivpn status" or checking the GUI

     

    PS. If fortivpn isn't recognized either add /opt/forticlient to the $PATH or substitute it with ./opt/forticlient/fortivpn

    PSS. You will need to repeat steps 4-8 every time you need to connect.

    Announcements

    Select Forum Responses to become Knowledge Articles!

    Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

    Labels
    Top Kudoed Authors