Helpful ReplyHot!6.2.2 SSLVPN Problems

Author
lphillipsbio
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/02/26 11:17:19
  • Status: offline
2019/10/11 08:51:29 (permalink)
0

6.2.2 SSLVPN Problems

Since upgrading to 6.2.2 we are having problems with sslvpn clients not being able to connect.  Yesterday we had to reissue a FortiToken to get one user working -- still investigating others.  Just wondering if anyone else is having similar issues?  Happy to share more details if anyone is interested.
#1
qxu_FTNT
Bronze Member
  • Total Posts : 48
  • Scores: 0
  • Reward points: 0
  • Joined: 2005/06/15 09:51:35
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/10/11 13:27:55 (permalink)
0
This is an known issue, will be fixed in 6.2.3.

Mobile token authentication doesn't work for SSLVPN on SOC3 platforms.

Affected models: FGT_100E, FGT_100EF, FGT_101E, FGT_140E, FGT_60E, FGT_60E_POE, FGT_61E, FGT_80E, FGT_80E_POE, FGT_81E, FGT_81E_POE, FWF_60E, FWF_61E
#2
lphillipsbio
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/02/26 11:17:19
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/10/11 15:08:31 (permalink)
0
True -- except that I'm not using any of those models -- we are using a 501e.
#3
bmduncan34
Bronze Member
  • Total Posts : 35
  • Scores: 0
  • Reward points: 0
  • Joined: 2017/07/05 10:33:11
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/10/21 12:24:47 (permalink)
0
We're considering upgrading from 6.2.1 due to the CVE-2018-13379 and CVE-2018-13383 SSL VPN vulnerabilities.  We have SSL VPN users using FortiToken Mobile tokens.  We're running 601E's.  How did you make out with your 501E?
#4
lphillipsbio
New Member
  • Total Posts : 4
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/02/26 11:17:19
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/10/21 12:53:17 (permalink)
0
Yes, those are nasty. 
 
So far so good with 6.2.2 --  Memory utilization is down about 25%, on average.  No apparent problems with WAD (knock on wood)...
 
We did have to reset a few user tokens -- but not everyone -- so I could not predict whether or not FortiToken logins will work after upgrading.  
 
 
#5
ajuDave
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2016/09/12 15:00:38
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/10/24 15:36:20 (permalink)
0
Yep.  Same problem.  We get a -455 error after entering the FortiToken code (48% on the progress).  We upgraded last night and nobody has been able to use a FortiToken since.
#6
shonselaar
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/11/15 06:36:03
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2019/11/15 06:44:06 (permalink) ☄ Helpfulby bigs 2020/01/21 17:11:32
0
Same problem here after upgrade from 6.2.1 to 6.2.2

Solution:

Type your password followed by the tokencode in the Password field and click connect.
Do not type your password - click connect - type your tokencode in the token field - click connect.
 
So password and tokencode in the same field (One after the other)
This fixed the problem temporarily for our cusomers.
 
 
#7
bigs
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2020/01/21 17:08:37
  • Status: offline
Re: 6.2.2 SSLVPN Problems 2020/01/21 17:11:20 (permalink)
0
We're running Fortigate 6.0.8 build 0303 (GA) and Forticlient 6.0.9.0277 and seeing the exact same issue
I started removing fortitoken for some users but this is proving painful as once fixed i'll have to re-issue
I stumbled over this solution and have tested successfully.  Has anyone heard from support why this is happening and if there is a fix coming (I have a case open ticket 3785303)
#8
Jump to:
© 2020 APG vNext Commercial Version 5.5