Windows error Forticlient script error access denied on SSO connect

anbtoly · ‎05-07-2024

Installed new version of Forticlient (vers 7.2.4.0972).

we setup up Azure SSO on fortigate v7.

when running connect on client .. getting pop up "Script Error"

(review screenshot)

script error

(error has occurred in the script on this page).

Error: Access denied.

code: 0

URL: about blank

I have uninstalled and reinstalled application, on 2 different devices and same issue.

Can anyone assist?

Anthony Abela

jiahoong112 · ‎05-07-2024

Please ensure that your SAML attributes are configured correctly on both Fortigate (SP) and on Azure (IDP) as they are very easy to misconfigure. To me, that looks like a potential issue during the saml redirection, not an issue with FortiClient.

You may find this useful: https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Companion-for-troubleshooting-SSL-VP...

Fortigate Azure sso configuration: https://docs.fortinet.com/document/fortigate-public-cloud/7.4.0/azure-administration-guide/584456/co...

https://learn.microsoft.com/en-us/entra/identity/saas-apps/fortigate-ssl-vpn-tutorial

To get a better grasp of the issue at hand, please run these debugs:

# diag vpn ssl debug-filter src-addr4 x.x.x.x ==> x.x.x.x should be the public ip of the client devicethat is connecting: whatismyip.com
# diagnose debug application sslvpn -1

# diag deb app samld -1

# diag deb enable

-> Reproduce issue

To disable the debug:

# diag deb disable

# diag deb reset

**If you come across a resolution, kindly show your appreciation by liking and accepting it, ensuring its accessibility for others**