Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
maxxer
New Contributor

[MacOS] Cannot connect to SSLVPN since upgrade to 5.4.3.529

Hi.

Since when I've upgraded my FortiClient installation on MacOS I'm unable to connect to a customer's SSLVPN. All I get is a generic unable to connect message, I tried downloading debug log from preferences but I see nothing.

I'm sure the VPN is working because using the same settings&account it works fine from Android. 

 

Is there anything else I can do for debugging? Or in case there's no other solution, where can I download older versions?

thanks

5 REPLIES 5
YvesCa
New Contributor III

Hi

What is your FortiOS version ?

There are an uncompatibility and an issue between FortiOS and Forticlient versions.

 

For example, FortiOS 5.4.4 is uncompatible with Forticlient 5.4.0, and there is an issue withFortiClient 5.4.2 and 5.4.3 don't fixed today.

 

So if you use FortiOS 5.4.4, you have to use the 5.4.1 version of Forticlient.

Yves

emnoc
Esteemed Contributor III

suggestions

 

[ul]
  • what version of  MACOSX
  • did you enable and review any logs FGT and  FC
  • are you going thru a proxy ( if yes ) can you try from a non-proxy location
  • I'm running find on 10.10.5 fwiw[/ul]

     

    Ken

     

  • PCNSE 

    NSE 

    StrongSwan  

    PCNSE NSE StrongSwan
    maxxer
    New Contributor

    MacOS is 10.12.3. 

    I tried connecting, at first I had to cancel because it wasn't doing anything. Then I tried "Connect to" from the tray and I got an error few moments after. The debug log shows the following:

    20170323 14:35:48.236 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.236 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.236 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.237 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.237 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.237 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.238 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.238 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.238 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.239 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.239 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.240 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.240 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:35:48.241 [sslvpn:DEBG] unknown:0 ds=0
    20170323 14:37:16.387 [sslvpn:INFO] unknown:0 current uid: 0
    20170323 14:37:16.388 [sslvpn:INFO] unknown:0 get current proxy auto config settings
    20170323 14:37:16.392 [sslvpn:INFO] unknown:0 use tty:/dev/ttys003
    20170323 14:37:16.394 [sslvpn:INFO] unknown:0 connecting to 1.2.3.4:443 - 443
    20170323 14:37:16.395 [sslvpn:DEBG] unknown:0 tcp connect 1.2.3.4:443 timeout -1
    20170323 14:37:16.404 [sslvpn:INFO] unknown:0 shuting down the running tunnel
    20170323 14:37:16.404 [sslvpn:INFO] unknown:0 the tunnel is shut down
    20170323 14:37:16.404 [sslvpn:EROR] unknown:0 connect failed
    20170323 14:37:16.404 [sslvpn:INFO] unknown:0 tunnel shutdown -2
    20170323 14:37:16.405 [sslvpn:INFO] unknown:0 sslvpn starts to clean up
    20170323 14:37:16.408 [sslvpn:INFO] unknown:0 sslvpnd terminated

     

    I see the timeout error, but from terminal if I try telnetting to the server it connects immediately.

    emnoc
    Esteemed Contributor III

    Okay I've seen that same thing b4

     

    what I did which seems stupid

     

    1: i tried killing  FC-MACOSX by the std shutdown  ( it failed btw )

     

    2: I end up using ps ax and find the proc-id and killed the  3 ids

     

    3: then re-open the FClient and try again

     

    If you don't mind me asking what did you tried connect to FortiOS   5.2.9 or 5.2.3 or 5.4.?

     

     

    My mac and other users have had the same issues , but windows7 running 5.4.3.0870 has zero reported  issues

     

    Another issues we found but can't fully replicated. On 10.10.x firefox seems to create some  issues with the FFcache if you are on webPortal and then revert to a tunnel-mode connection,  Right now I suspect FF and FC are fighting over something and I can't determine what.

     

     

    PCNSE 

    NSE 

    StrongSwan  

    PCNSE NSE StrongSwan
    maxxer
    New Contributor

    emnoc wrote:

    1: i tried killing  FC-MACOSX by the std shutdown  ( it failed btw )

    2: I end up using ps ax and find the proc-id and killed the  3 ids

    3: then re-open the FClient and try again

    If you don't mind me asking what did you tried connect to FortiOS   5.2.9 or 5.2.3 or 5.4.?

    My mac and other users have had the same issues , but windows7 running 5.4.3.0870 has zero reported  issues

    Another issues we found but can't fully replicated. On 10.10.x firefox seems to create some  issues with the FFcache if you are on webPortal and then revert to a tunnel-mode connection,  Right now I suspect FF and FC are fighting over something and I can't determine what.

    Right now I have no FC processes running, I even tried rebooting the whole Mac but doesn't work. 

    Sadly I don't know the upstream server version, I don't manage it. I've tried on Android and Win10 too, both works. Just MacOS doesn't.

    Labels
    Top Kudoed Authors