idharr1
New Contributor II

Forticlient VPN Permission denied (-455)

Hi,

I'm using a FortiGate 61F with firmware 7.4.3.

I created an SSL VPN for some users. I tried the user ID and password before giving them out, and everything worked perfectly.

But one user informed me that he can't log in with the user ID and password that I gave him before. The error is permission denied (-455).

I tried again on my laptop using these credentials and it logged in successfully. I checked the FortiVPN software, uninstalling it and installing the new one, but the problem still exists. Please advise what I should check. Or maybe this user's internet connection prohibits using a VPN?


AEK
SuperUser

Hi @idharr1 

Enter this on the FG CLI, then try to initiate a VPN connection.

diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
diagnose debug enable

Once done, please share the output.

AEK
idharr1
New Contributor II


@AEK wrote:

Hi @idharr1 

Enter this on the FG CLI, then try to initiate a VPN connection.

diagnose debug application sslvpn -1
diagnose debug application fnbamd -1
diagnose debug enable

Once done, please share the output.

Hi Aek


forti # [286:root:6]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[286:root:6]SSL state:before SSL initialization (103.47.133.65)
[286:root:6]SSL state:fatal decode error (103.47.133.65)
[286:root:6]SSL state:error:(null)(103.47.133.65)
[286:root:6]SSL_accept failed, 1:unexpected eof while reading
[286:root:6]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[287:root:6]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[287:root:6]SSL state:before SSL initialization (103.171.147.88)
[287:root:6]SSL state:before SSL initialization (103.171.147.88)
[287:root:6]no SNI received
[287:root:6]client cert requirement: no
[287:root:6]SSL state:SSLv3/TLS read client hello (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write server hello (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write certificate (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write key exchange (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write server done (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write server done:(null)(103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write server done (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS read client key exchange (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS read change cipher spec (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS read finished (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write session ticket (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write change cipher spec (103.171.147.88)
[287:root:6]SSL state:SSLv3/TLS write finished (103.171.147.88)
[287:root:6]SSL state:SSL negotiation finished successfully (103.171.147.88)
[287:root:6]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[287:root:6]req: /remote/info
[287:root:6]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}])
[287:root:6]capability flags: 0x3cdf
[288:root:6]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[288:root:6]SSL state:before SSL initialization (103.47.133.104)
[288:root:6]SSL state:before SSL initialization (103.47.133.104)
[288:root:6]no SNI received
[288:root:6]client cert requirement: no
[288:root:6]SSL state:SSLv3/TLS read client hello (103.47.133.104)
[288:root:6]SSL state:SSLv3/TLS write server hello (103.47.133.104)
[288:root:6]SSL state:SSLv3/TLS write certificate (103.47.133.104)
[288:root:6]SSL state:SSLv3/TLS write key exchange (103.47.133.104)
[288:root:6]SSL state:SSLv3/TLS write server done (103.47.133.104)
[288:root:6]SSL state:SSLv3/TLS write server done:(null)(103.47.133.104)
[288:root:6]SSL state:fatal decode error (103.47.133.104)
[288:root:6]SSL state:error:(null)(103.47.133.104)
[288:root:6]SSL_accept failed, 1:unexpected eof while reading
[288:root:6]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[289:root:6]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[289:root:6]SSL state:before SSL initialization (103.171.147.97)
[289:root:6]SSL state:before SSL initialization (103.171.147.97)
[289:root:6]no SNI received
[289:root:6]client cert requirement: no
[289:root:6]SSL state:SSLv3/TLS read client hello (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write server hello (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write certificate (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write key exchange (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write server done (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write server done:(null)(103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write server done (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS read client key exchange (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS read change cipher spec (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS read finished (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write session ticket (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write change cipher spec (103.171.147.97)
[289:root:6]SSL state:SSLv3/TLS write finished (103.171.147.97)
[289:root:6]SSL state:SSL negotiation finished successfully (103.171.147.97)
[289:root:6]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[289:root:6]req: /remote/login
[289:root:6]rmt_web_auth_info_parser_common:533 no session id in auth info
[289:root:6]rmt_web_get_access_cache:885 invalid cache, ret=4103
[289:root:6]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}])
[289:root:6]get_cust_page:125 saml_info 0
[287:root:6]SSL state:fatal decode error (103.171.147.88)
[287:root:0]ap_read,105, error=1, errno=0 ssl 0x7f8bfea000 Success. error:0A000126:SSL routines::unexpected eof while reading
[287:root:6]sslvpn_read_request_common,684, ret=-1 error=-1, sconn=0x7f8cc55800.
[287:root:6]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[290:root:6]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[290:root:6]SSL state:before SSL initialization (103.47.133.103)
[290:root:6]SSL state:before SSL initialization (103.47.133.103)
[290:root:6]no SNI received
[290:root:6]client cert requirement: no
[290:root:6]SSL state:SSLv3/TLS read client hello (103.47.133.103)
[290:root:6]SSL state:SSLv3/TLS write server hello (103.47.133.103)
[290:root:6]SSL state:SSLv3/TLS write certificate (103.47.133.103)
[290:root:6]SSL state:SSLv3/TLS write key exchange (103.47.133.103)
[290:root:6]SSL state:SSLv3/TLS write server done (103.47.133.103)
[290:root:6]SSL state:SSLv3/TLS write server done:(null)(103.47.133.103)
[290:root:6]SSL state:fatal decode error (103.47.133.103)
[290:root:6]SSL state:error:(null)(103.47.133.103)
[290:root:6]SSL_accept failed, 1:unexpected eof while reading
[290:root:6]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[284:root:7]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[284:root:7]SSL state:before SSL initialization (103.171.147.89)
[284:root:7]SSL state:before SSL initialization (103.171.147.89)
[284:root:7]no SNI received
[284:root:7]client cert requirement: no
[284:root:7]SSL state:SSLv3/TLS read client hello (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write server hello (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write certificate (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write key exchange (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write server done (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write server done:(null)(103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write server done (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS read client key exchange (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS read change cipher spec (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS read finished (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write session ticket (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write change cipher spec (103.171.147.89)
[284:root:7]SSL state:SSLv3/TLS write finished (103.171.147.89)
[284:root:7]SSL state:SSL negotiation finished successfully (103.171.147.89)
[284:root:7]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[284:root:7]req: /remote/logincheck
[284:root:7]Transfer-Encoding n/a
[284:root:7]Content-Length 205
[284:root:7]readPostEnter:17 Post Data length 205.
[284:root:7]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}])
[284:root:7]rmt_web_auth_info_parser_common:533 no session id in auth info
[284:root:7]rmt_web_access_check:804 access failed, uri=[/remote/logincheck],ret=4103,
[284:root:7]encoding method 0
[284:root:7]fsv_logincheck_common_handler:1407 user 'NSasongko' has a matched local entry.
[284:root:7]sslvpn_auth_check_usrgroup:3072 forming user/group list from policy.
[284:root:7]sslvpn_auth_check_usrgroup:3119 got user (0) group (2:0).
[284:root:7]sslvpn_validate_user_group_list:1956 validating with SSL VPN authentication rules (1), realm ().
[284:root:7]sslvpn_validate_user_group_list:2050 checking rule 1 cipher.
[284:root:7]sslvpn_validate_user_group_list:2058 checking rule 1 realm.
[284:root:7]sslvpn_validate_user_group_list:2069 checking rule 1 source intf.
[284:root:7]sslvpn_validate_user_group_list:2108 checking rule 1 vd source intf.
[284:root:7]sslvpn_validate_user_group_list:2613 rule 1 done, got user (0:0) group (1:0) peer group (0).
[284:root:7]sslvpn_validate_user_group_list:2621 got user (0:0) group (1:0) peer group (0).
[284:root:7]sslvpn_validate_user_group_list:2968 got user (0:0), group (2:0) peer group (0).
[284:root:7]sslvpn_update_user_group_list:1850 got user (0:0), group (2:0), peer group (0) after update.
[284:root:7]two factor check for NSasongko: off
[284:root:7]sslvpn_authenticate_user:203 authenticate user: [NSasongko]
[284:root:7]sslvpn_authenticate_user:221 create fam state
[284:root:7][fam_auth_send_req_internal:432] Groups sent to FNBAM:
[284:root:7]group_desc[0].grpname = user_VPN_1
[284:root:7][fam_auth_send_req_internal:444] FNBAM opt = 0X200420
local auth is done with user 'NSasongko', ret=7
[284:root:7][1828] handle_req-Rcvd auth_token req 354133238 for NSasongko in
fam_auth_send_req_internal:520 fnbam_auth return: 7
[466] __compose_group_list_from_req-Group 'user_VPN_1', type 1
[284:root:7][fam_auth_send_req_internal:546] Authenticated groups (1) by FNBAM with auth_type (1):
[284:root:7]Received: auth_rsp_data.grp_list[0] = 2
[284:root:7][741] create_auth_token_session-Created auth token session 354133238
fam_auth_send_req_internal:570 found node user_VPN_1:0:, valid:1, auth:0
[284:root:7]Validated: auth_rsp_data.grp_list[0] = user_VPN_1
[289:root:6]Timeout for connection 0x7f8cc55800.

[289:root:6]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[289:root:6]SSL state:warning close notify (103.171.147.97)
[284:root:7]Timeout for connection 0x7f8cc55800.

[284:root:7]Destroy sconn 0x7f8cc55800, connSize=0. (root)
[284:root:7]SSL state:warning close notify (103.171.147.89)
[2228] handle_req-Rcvd auth_cert req id=354133239, len=6371, opt=8
[1148] __cert_auth_ctx_init-req_id=354133239, opt=8
[1164] __cert_auth_ctx_init-OCSP resp is found.
[103] __cert_chg_st- 'Init'
[201] fnbamd_cert_load_certs_from_req-3 cert(s) in req.
[827] __cert_init-req_id=354133239
[876] __cert_build_chain-req_id=354133239
[319] fnbamd_chain_build-Chain discovery, opt 0x19, cur total 1
[337] fnbamd_chain_build-Following depth 0
[382] fnbamd_chain_build-Extend chain by builtin CA cache. (good)
[337] fnbamd_chain_build-Following depth 1
[382] fnbamd_chain_build-Extend chain by builtin CA cache. (good)
[337] fnbamd_chain_build-Following depth 2
[351] fnbamd_chain_build-Self-sign detected.
[99] __cert_chg_st- 'Init' -> 'Validation'
[998] __cert_verify-req_id=354133239
[999] __cert_verify-Chain is complete.
[481] fnbamd_builtin_cert_check-Following cert chain depth 0
[481] fnbamd_builtin_cert_check-Following cert chain depth 1
[504] fnbamd_builtin_cert_check-Builtin CRL found: 244b5494
[481] fnbamd_builtin_cert_check-Following cert chain depth 2
[521] fnbamd_builtin_cert_check-Certificate status is unchecked.
[1039] __cert_verify_do_next-req_id=354133239
[99] __cert_chg_st- 'Validation' -> 'OCSP-Checking'
[1063] __cert_ocsp_check-req_id=354133239
[334] fnbamd_verify_ocsp_response-Cert status: GOOD.
[256] __cert_ocsp_resp_verify-verify_ocsp_response returns 0 -1
[99] __cert_chg_st- 'OCSP-Checking' -> 'Done'
[1086] __cert_done-req_id=354133239
[1502] fnbamd_auth_session_done-Session done, id=354133239
[1131] __fnbamd_cert_auth_run-Exit, req_id=354133239
[1545] create_auth_cert_session-fnbamd_cert_auth_init returns 0, id=354133239
[1458] auth_cert_success-id=354133239
[1242] fnbamd_cert_auth_copy_cert_status-req_id=354133239
[1369] fnbamd_cert_auth_copy_cert_status-Cert st 210, req_id=354133239
[229] fnbamd_comm_send_result-Sending result 0 (nid 0) for req 354133239, len=2568
[1333] destroy_auth_cert_session-id=354133239
[1214] fnbamd_cert_auth_uninit-req_id=354133239
[1224] fnbamd_rads_destroy-
[2228] handle_req-Rcvd auth_cert req id=354133240, len=6371, opt=8
[1148] __cert_auth_ctx_init-req_id=354133240, opt=8
[1164] __cert_auth_ctx_init-OCSP resp is found.
[103] __cert_chg_st- 'Init'
[201] fnbamd_cert_load_certs_from_req-3 cert(s) in req.
[827] __cert_init-req_id=354133240
[876] __cert_build_chain-req_id=354133240
[319] fnbamd_chain_build-Chain discovery, opt 0x19, cur total 1
[337] fnbamd_chain_build-Following depth 0
[382] fnbamd_chain_build-Extend chain by builtin CA cache. (good)
[337] fnbamd_chain_build-Following depth 1
[382] fnbamd_chain_build-Extend chain by builtin CA cache. (good)
[337] fnbamd_chain_build-Following depth 2
[351] fnbamd_chain_build-Self-sign detected.
[99] __cert_chg_st- 'Init' -> 'Validation'
[998] __cert_verify-req_id=354133240
[999] __cert_verify-Chain is complete.
[481] fnbamd_builtin_cert_check-Following cert chain depth 0
[481] fnbamd_builtin_cert_check-Following cert chain depth 1
[504] fnbamd_builtin_cert_check-Builtin CRL found: 244b5494
[481] fnbamd_builtin_cert_check-Following cert chain depth 2
[521] fnbamd_builtin_cert_check-Certificate status is unchecked.
[1039] __cert_verify_do_next-req_id=354133240
[99] __cert_chg_st- 'Validation' -> 'OCSP-Checking'
[1063] __cert_ocsp_check-req_id=354133240
[334] fnbamd_verify_ocsp_response-Cert status: GOOD.
[256] __cert_ocsp_resp_verify-verify_ocsp_response returns 0 -1
[99] __cert_chg_st- 'OCSP-Checking' -> 'Done'
[1086] __cert_done-req_id=354133240
[1502] fnbamd_auth_session_done-Session done, id=354133240
[1131] __fnbamd_cert_auth_run-Exit, req_id=354133240
[1545] create_auth_cert_session-fnbamd_cert_auth_init returns 0, id=354133240
[1458] auth_cert_success-id=354133240
[1242] fnbamd_cert_auth_copy_cert_status-req_id=354133240
[1369] fnbamd_cert_auth_copy_cert_status-Cert st 210, req_id=354133240
[229] fnbamd_comm_send_result-Sending result 0 (nid 0) for req 354133240, len=2568
[1333] destroy_auth_cert_session-id=354133240
[1214] fnbamd_cert_auth_uninit-req_id=354133240
[1224] fnbamd_rads_destroy-
[285:root:7]allocSSLConn:312 sconn 0x7f8cce9800 (0:root)
[285:root:7]SSL state:before SSL initialization (103.47.133.181)
[285:root:7]SSL state:before SSL initialization (103.47.133.181)
[285:root:7]no SNI received
[285:root:7]client cert requirement: no
[285:root:7]SSL state:SSLv3/TLS read client hello (103.47.133.181)
[285:root:7]SSL state:SSLv3/TLS write server hello (103.47.133.181)
[285:root:7]SSL state:SSLv3/TLS write certificate (103.47.133.181)
[285:root:7]SSL state:SSLv3/TLS write key exchange (103.47.133.181)
[285:root:7]SSL state:SSLv3/TLS write server done (103.47.133.181)
[285:root:7]SSL state:SSLv3/TLS write server done:(null)(103.47.133.181)
[285:root:7]SSL state:fatal decode error (103.47.133.181)
[285:root:7]SSL state:error:(null)(103.47.133.181)
[285:root:7]SSL_accept failed, 1:unexpected eof while reading
[285:root:7]Destroy sconn 0x7f8cce9800, connSize=1. (root)
[286:root:7]allocSSLConn:312 sconn 0x7f8cc55800 (0:root)
[286:root:7]SSL state:before SSL initialization (103.171.147.119)
[286:root:7]SSL state:before SSL initialization (103.171.147.119)
[286:root:7]no SNI received
[286:root:7]client cert requirement: no
[286:root:7]SSL state:SSLv3/TLS read client hello (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write server hello (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write certificate (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write key exchange (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write server done (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write server done:(null)(103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write server done (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS read client key exchange (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS read change cipher spec (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS read finished (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write session ticket (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write change cipher spec (103.171.147.119)
[286:root:7]SSL state:SSLv3/TLS write finished (103.171.147.119)
[286:root:7]SSL state:SSL negotiation finished successfully (103.171.147.119)
[286:root:7]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[286:root:7]req: /remote/logincheck
[286:root:7]Transfer-Encoding n/a
[286:root:7]Content-Length 237
[286:root:7]readPostEnter:17 Post Data length 237.
[286:root:7]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}])
[286:root:7]rmt_web_auth_info_parser_common:533 no session id in auth info
[286:root:7]rmt_web_access_check:804 access failed, uri=[/remote/logincheck],ret=4103,
[286:root:7]encoding method 0
[286:root:7]fsv_logincheck_common_handler:1407 user 'NSasongko' has a matched local entry.
[286:root:7]got checking id 3-2149dbd3
[286:root:0]fsv_logincheck_common_handler:1538 token_type = 2, time_out = 300
[286:root:7]1690 magic checked failed.
[286:root:7]User Agent: FortiSSLVPN (Windows NT; SV1 [SV{v=02.01; f=07;}])
[286:root:7]Transfer-Encoding n/a
[286:root:7]Content-Length 237
[286:root:0]sslvpn_find_err_msg_array:391 Can't find the value for key: 400
[286:root:7]rmt_error_cb_handler:131 Can't get corresponding message for key 400. Use the default error message.

idharr1
New Contributor II

Hi Aek,

I found the solution when checking this log:

[286:root:7]rmt_error_cb_handler:131 Can't get corresponding message for key 400. Use the default error message.

Just use this setup:

Upgrade to 6.2.0 at least if 'auth-session-check-source-ip disable' is required.

# config vpn ssl settings
    set auth-session-check-source-ip enable | disable

And now the VPN works.

Thanks.
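
The `auth-session-check-source-ip` setting named in the solution controls whether the FortiGate checks the client's source IP for the authentication session, and the debug output earlier in the thread shows the `/remote/` requests arriving from several different addresses. As an added example (not from the thread; the sample log is constructed, and treating the first bracket field as the connection key is an assumption), this Python script lists the source IP behind each SSL VPN request in such debug output and marks the requests that ended in the `magic checked failed` / key 400 error:

```python
import re

# Constructed sample in the format of the sslvpn debug output in this thread.
# Addresses are RFC 5737 documentation addresses and the user is made up.
SAMPLE_LOG = """\
[287:root:6]SSL state:before SSL initialization (203.0.113.88)
[287:root:6]SSL established: TLSv1.2 ECDHE-RSA-AES256-GCM-SHA384
[287:root:6]req: /remote/info
[289:root:6]SSL state:before SSL initialization (203.0.113.97)
[289:root:6]req: /remote/login
[284:root:7]SSL state:before SSL initialization (203.0.113.89)
[284:root:7]req: /remote/logincheck
[284:root:7]sslvpn_authenticate_user:203 authenticate user: [exampleuser]
[286:root:7]SSL state:before SSL initialization (203.0.113.119)
[286:root:7]req: /remote/logincheck
[286:root:7]1690 magic checked failed.
[286:root:7]rmt_error_cb_handler:131 Can't get corresponding message for key 400. Use the default error message.
"""

# Assumption: lines sharing the first bracket field belong to one connection.
LINE = re.compile(r"^\[(\d+):[^:\]]*:[^\]]*\](.*)$")
PEER = re.compile(r"^SSL state:.*\((\d{1,3}(?:\.\d{1,3}){3})\)\s*$")
REQ = re.compile(r"^req: (\S+)")
FAILURES = ("magic checked failed", "Can't get corresponding message for key 400")


def parse_requests(log):
    """Return one record per 'req:' line with the peer IP of its connection."""
    peer, last, requests = {}, {}, []
    for raw in log.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # fnbamd lines and continuations lack the 3-field prefix
        conn, msg = m.group(1), m.group(2)
        ip, req = PEER.match(msg), REQ.match(msg)
        if ip:
            peer[conn] = ip.group(1)
        elif req:
            rec = {"conn": conn, "ip": peer.get(conn),
                   "uri": req.group(1), "failed": False}
            last[conn] = rec
            requests.append(rec)
        elif conn in last and any(f in msg for f in FAILURES):
            last[conn]["failed"] = True  # error belongs to the latest request
    return requests


def summarize(log):
    """Distinct source IPs (in order seen) and the requests that failed."""
    requests = parse_requests(log)
    ips = list(dict.fromkeys(r["ip"] for r in requests if r["ip"]))
    return {"ips": ips, "ip_changed": len(ips) > 1,
            "failed": [(r["ip"], r["uri"]) for r in requests if r["failed"]]}


if __name__ == "__main__":
    for r in parse_requests(SAMPLE_LOG):
        print(r["conn"], r["ip"], r["uri"], "FAILED" if r["failed"] else "")
    print(summarize(SAMPLE_LOG))
```

Disabling the check removes the source-IP binding of the authentication session, so it is worth confirming with output like this that the client's address really changes between requests before changing the setting.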
