- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: VPN stuck at status 98%
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
VPN stuck at status 98%
We are running Windows Server 2012 R2. We have installed the most recent FortiNet client (vpn only), version 5.2.0.0591. We have configured an SSL-VPN connection. When we click on the " connect" button, the status progresses all the way to 98% and then hangs. We have disabled the windows firewall, do not have any anti virus software installed, no group policies are being applied, and no other applications are running when we attempt to make the VPN connection. Thanks for helping!
Solved! Go to Solution.
2 Solutions
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi All,
I just fix it by apply this fix and re-install fortigate client.
https://skydrive.live.com/redir?resid=86BDD34D41D3E179!2065&authkey=!AAeyjPB4O4uVxek
You may find the detail from this forums. Hope this could help you all. Thanks.
https://supportforums.cisco.com/discussion/11682811/anyconnect-msi-installation-failed-windows-7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I seem to be experiencing this problem, or very similar problem.
Forticlient hangs at 98% while connecting. But this only happen occasionally -- especially if the connect dropped for some reason and I try to connect again (possibly every time this happens).
I am able to get Forticlient to connect if I reboot my machine. So maybe this is not the identical problem discussed here. Sometimes it gives the "You already have an open SSL VPN connection" warning, but not always. Either way, it stops at 98%, after a minute or so, it just clears the login fields of the forticlient window as if nothing had ever happened.
Rebooting my machine "resets" something and makes connection possible. But this is a frustrating workaround.
Is there a process or service I should be able to restart that would have the same effect as rebooting?
101 REPLIES 101
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi
I just experience on my Windows 10 all what greylander says (see #66 above).
I see all what he says to see, except the "You already have an open SSL VPN connection" warning, and I agree with him about the annoying workaround of restarting the machine
I would only add that I see often DNS not working after disconnection and what I see in the log of forticlient during the minute of wait before timeout:
..
15:21:44 Debug VPN FortiSslvpn: 15092: poll_recv_ssl -> SSL_ERROR_WANT_READ
15:21:44 Debug VPN FortiSslvpn: 15092: poll_recv_ssl return 0 bytes, read after timeout
15:21:44 Debug VPN FortiSslvpn: 15092: [tunnel_loop_read_socket] wait for socket event
15:21:44 Debug VPN FortiSslvpn: 15092: wait for socket event timeout, try to do a read
15:21:44 Debug VPN FortiSslvpn: 15092: [SSL-IN] buf size = 65540, ptr = 0, space = 65540
15:21:44 Debug VPN FortiSslvpn: 15092: [SSL-IN] len = -1
15:21:44 Debug VPN FortiSslvpn: 15092: poll_recv_ssl -> SSL_ERROR_WANT_READ
..
Regards
P.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Can anyone at Fortinet weigh in on the progress on a permanent solution for this? I understand this is a complex issue that needs to be resolved jointly / working with Microsoft, but I also think 2 years is a bit of a joke.
I don't really care what the update is, I would just love to know that there is one, and that Fortinet would value its customers enough to give us some sort of update, even if the update is that it won't be fixed until Windows X, or whatever.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Still no progress with this issue? Some customers use now other VPN solutions, exactly because of this...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
One of my users just ran into this issue a few days ago. Very annoying having to uninstall/reinstall FortiClient just to get the SSL VPN connection to work...
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is there any other VPN Client that we can use to connect to the Forti firewall without this frustrating issue?
I know, that this isn't a problem of the forticlient itself, that this is a interaction of the client and windows 10, but I really don't bother who's the bad guy here, it just have to work as the other VPN clients, for example the Checkpoint Client.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
As already stated, once fixed on W10, never ever had the problem again with old SslvpnClient64-v4.0.2304
Seb
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
fabianp wrote:Is there any other VPN Client that we can use to connect to the Forti firewall without this frustrating issue?
I know, that this isn't a problem of the forticlient itself, that this is a interaction of the client and windows 10, but I really don't bother who's the bad guy here, it just have to work as the other VPN clients, for example the Checkpoint Client.
The stuck at 98% issue is not isolated to Windows 10. I have seen it occur on Windows 7 as well.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
fabianp wrote:Is there any other VPN Client that we can use to connect to the Forti firewall without this frustrating issue?
I know, that this isn't a problem of the forticlient itself, that this is a interaction of the client and windows 10, but I really don't bother who's the bad guy here, it just have to work as the other VPN clients, for example the Checkpoint Client.
relevant part of previous post:
JordanAtParkRoadSolutions wrote:Option 3: Repair Tool For this particular issue, "version 1" and "version 2" of the tool is purported to work under different (undefined) circumstances. Update: Fortinet has written a KB article recommended procedures for the tool below. https://www.vpnhosting.cz/index.php/clanky/wan-miniport-repair-tool-solve-vpn-and-dial-up-error-code...
As already stated, there is a repair option that fixes the Windows operating system WAN miniport driver issue. This is not specifically a Forticlient issue. I cannot say 100% that this is not caused by Fortinet in some way, but when the problem happens the damage is to the OS not to Forticlient, so switching VPN client may not help.
FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x,
FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM
5.6.5 | Fortimail 5.3.11 Network+, Security+
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I have the same issue as yours
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
98% is the point where the FortiGate is supposed to issue the IP address to the VPN client. At this point, your credentials have already been verified, etcetera. Check your IP address settings and make sure they are correct. Post them here if you're not sure. Is this for all client computers or just particular ones? Sometimes when a client is disconnected suddenly and the connection is not properly terminated, something hangs on the client machine and when you try to reconnect you can't get past 98%. An OS reboot fixes it (despite searching, I haven't been able to locate the exact process, service, or device to reset the hung connection without a full reboot).
Related Posts
- Disable Policy and Change Note 30 Views
- Buy second hand Fortigate 8xE 129 Views
- FG 60F fails to proceed CoA... 276 Views
- FortiPAM - Permissions for template "Web... 69 Views
- Event status showed Critical in fortisiem 186 Views
Labels
-
FortiGate
6,575 -
FortiClient
1,308 -
5.2
801 -
5.4
639 -
FortiManager
569 -
6.0
416 -
FortiAnalyzer
415 -
5.6
362 -
FortiSwitch
338 -
FortiAP
336 -
FortiClient EMS
267 -
6.2
251 -
FortiMail
243 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
151 -
6.4
128 -
FortiNAC
108 -
FortiGuard
102 -
FortiSIEM
89 -
FortiGateCloud
87 -
FortiCloud Products
84 -
IPsec
73 -
FortiToken
71 -
Customer Service
70 -
4.0MR3
64 -
SSL-VPN
61 -
Wireless Controller
58 -
FortiProxy
45 -
FortiADC
43 -
Fortivoice
41 -
FortiEDR
39 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
32 -
FortiSandbox
31 -
FortiSwitch v6.4
28 -
SD-WAN
25 -
Firewall policy
24 -
FortiConnect
24 -
FortiWAN
22 -
VLAN
21 -
FortiConverter
21 -
High Availability
20 -
FortiPortal
18 -
ZTNA
16 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
FortiAuthenticator
15 -
FortiMonitor
14 -
Certificate
14 -
DNS
13 -
FortiDDoS
13 -
SAML
12 -
BGP
12 -
FortiGate v5.0
12 -
Routing
12 -
Interface
12 -
FortiCASB
12 -
Logging
11 -
LDAP
10 -
Virtual IP
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
RADIUS
8 -
fortilink
8 -
Traffic shaping
8 -
SSID
7 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
SSL SSH inspection
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
IP address management - IPAM
7 -
Security profile
6 -
Authentication
6 -
FortiBridge
6 -
Fortigate Cloud
6 -
SSO
6 -
Traffic shaping policy
5 -
SNMP
5 -
Application control
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
Proxy policy
4 -
packet capture
4 -
WAN optimization
4 -
Automation
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
Port policy
4 -
FortiScan
4 -
IPS signature
3 -
FortiToken Cloud
3 -
FortiAP profile
3 -
Web profile
3 -
DoS policy
3 -
Intrusion prevention
3 -
FortiDB
3 -
FortiDeceptor
2 -
Fortinet Engage Partner Program
2 -
FortiInsight
2 -
NAC policy
2 -
Antivirus profile
2 -
Traffic shaping profile
2 -
VoIP profile
2 -
FortiPAM
2 -
FortiAI
2 -
FortiHypervisor
2 -
Email filter profile
2 -
Netflow
2 -
trunk
2 -
System settings
2 -
4.0MR1
1 -
TACACS
1 -
Users
1 -
Replacement messages
1 -
Schedule
1 -
Subscription Renewal Policy
1 -
SDN connector
1 -
FortiCWP
1 -
FortiNDR
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Web rating
1 -
Internet Service Database
1 -
Multicast routing
1 -
Zone
1 -
Explicit proxy
1 -
Protocol option
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.