- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Ipsec for Windows and Mac users ?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ipsec for Windows and Mac users ?
Hello to everyone,
I used ipsec wizard to create a "native L2TP/Ipsec" vpn.
For Windows user all work fine.
For mac user some time they cant connect.
Can some one tell me the best way to give vpn access to mac and windows user pls ?
Thanks in advance.
6 REPLIES 6
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Dear,
Kindly check the below link for the configuration.
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/386346/l2tp-over-ipsec
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello @kawkaw ,
If you're experiencing issues with the native L2TP/IPSec VPN on Mac, you might want to check the VPN server logs and the Mac's system logs for any error messages that could provide insights into the connection problems. Additionally, make sure that the macOS version and L2TP/IPSec settings on the Mac clients are compatible with your VPN server configuration.
let us know if you find any errors so it helps to assist you.
Thanks,
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Kawkaw,
Thank you for the query!
Could you please confirm if you are seeing the IKE packets on the firewall when you are trying the L2TP from your mac machines?
You may run the below debugs on the firewall:
di de reset
di vpn ike log-filter clear
di vpn ike log-filter dst-addr4 x.x.x.x
di de app ike -1
di de en
Please run the above debug commands please try to connect the VPN from mac and once the error is seen, please stop the debug using:
di de di
di de reset
+ Please share the above outputs.
Thank you!
Thallapelly Thrilok.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Why wouldn’t you solve this in a more BYOD fashion by providing instructions or scripts to setup like a university (or if you own the endpoints via some config management) and use forticlient which supports ikev2 on windows, the built in one for mac which supports v2 since 10.11 and StrongSwan or NetworkManager on Linux.
https://showbox.bio https://tutuapp.uno/
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Apologies for the confusion. If you are using a FortiGate firewall to provide VPN access to both Mac and Windows users, here's what you can do:
1. For Windows users:
- FortiGate supports various VPN protocols for Windows, including SSL-VPN, IPsec, and L2TP/IPsec. You can configure SSL-VPN using FortiClient, which is a dedicated VPN client provided by Fortinet. It offers a more seamless and feature-rich VPN experience for Windows users. FortiClient supports both SSL-VPN and IPsec VPN connections.
- Alternatively, you can also use the built-in Windows VPN client and configure IPsec or L2TP/IPsec VPN on the FortiGate firewall. Ensure that you follow the FortiGate documentation for step-by-step instructions on configuring the appropriate VPN protocol for Windows users.
2. For Mac users:
- FortiClient also provides a dedicated VPN client for Mac users. You can download and install FortiClient for Mac, which supports SSL-VPN and IPsec VPN connections. FortiClient for Mac offers similar functionality as the Windows version.
- For native VPN support on macOS, you can configure L2TP/IPsec VPN or SSL-VPN on the FortiGate firewall. Mac users can use the built-in VPN client to connect to these VPN types. Follow the FortiGate documentation to configure the appropriate VPN protocol for Mac users.
When configuring VPN on the FortiGate firewall, make sure you configure the appropriate firewall policies, user authentication, and encryption settings based on your security requirements. You may also need to open the necessary ports on your firewall and configure any NAT or routing rules if applicable.
For troubleshooting connection issues, consult the Fortinet documentation, which provides detailed information on diagnosing and resolving VPN connectivity problems specific to FortiGate firewalls. Additionally, you can reach out to Fortinet support for further assistance in troubleshooting and resolving any issues you may encounter.
Remember to keep your FortiGate firmware up to date and apply any recommended security patches to ensure the best performance and security for your VPN solution.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If Mac users can't connect to your IPsec VPN, check the compatibility of IPsec settings between the VPN server and clients, verify the pre-shared key (PSK) on both ends, and ensure Mac clients use the correct "Cisco IPSec" VPN type. Also, review Mac clients' firewall settings for potential blocks. If issues persist, consider trying third-party VPN clients like NCP Secure Entry Client Suite or Cisco AnyConnect VPN Client, which simplify configuration.
For granting VPN access to Mac and Windows users, options include using third-party VPN clients for ease, native IPsec VPN client for added security (though more complex setup), or a VPN gateway (physical or virtual) for enhanced features and flexibility. Choose the best option based on your specific needs and requirements.
Related Posts
- SSO on Self-Service Portal FortiAuthenticator 61 Views
- FortiClient - irregular disconnect for no... 114 Views
- Assistance Needed: Routing Issue with FortiGate... 296 Views
- FortiClient Vpn 322 Views
- Trouble Receiving DHCP Packet Over S2S... 228 Views
Labels
-
FortiGate
6,451 -
FortiClient
1,288 -
5.2
801 -
5.4
639 -
FortiManager
562 -
6.0
416 -
FortiAnalyzer
410 -
5.6
362 -
FortiSwitch
331 -
FortiAP
327 -
FortiClient EMS
259 -
6.2
251 -
FortiMail
239 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
148 -
6.4
128 -
FortiNAC
103 -
FortiGuard
102 -
FortiGateCloud
86 -
FortiSIEM
85 -
FortiCloud Products
82 -
FortiToken
69 -
Customer Service
69 -
IPsec
66 -
4.0MR3
64 -
Wireless Controller
58 -
SSL-VPN
54 -
FortiProxy
44 -
FortiADC
42 -
Fortivoice
41 -
FortiEDR
38 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
31 -
FortiSandbox
30 -
FortiSwitch v6.4
28 -
FortiConnect
23 -
SD-WAN
23 -
FortiWAN
22 -
FortiConverter
21 -
High Availability
20 -
Firewall policy
20 -
VLAN
18 -
FortiPortal
17 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
ZTNA
15 -
FortiMonitor
14 -
Certificate
14 -
FortiDDoS
13 -
Routing
12 -
FortiCASB
12 -
SAML
11 -
DNS
11 -
Interface
11 -
BGP
10 -
FortiGate v5.0
10 -
FortiRecorder
10 -
VDOM
10 -
FortiWeb v5.0
9 -
LDAP
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
Logging
9 -
RADIUS
8 -
Traffic shaping
8 -
Virtual IP
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
fortilink
7 -
FortiAnalyzer v5.0
7 -
NAT
7 -
FortiAuthenticator
7 -
Admin
7 -
FortiGate v4.0 MR3
7 -
4.0
7 -
Fortigate Cloud
6 -
IP address management - IPAM
6 -
SSID
5 -
Security profile
5 -
Traffic shaping policy
5 -
Authentication
5 -
FortiBridge
5 -
SNMP
5 -
SSO
5 -
Application control
5 -
Static route
5 -
FortiManager v4.0
5 -
FortiDirector
4 -
SSL SSH inspection
4 -
WAN optimization
4 -
Web application firewall profile
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Proxy policy
4 -
packet capture
3 -
FortiToken Cloud
3 -
Automation
3 -
Intrusion prevention
3 -
DoS policy
3 -
FortiTester
3 -
Port policy
3 -
FortiDB
3 -
IPS signature
3 -
FortiDeceptor
2 -
FortiInsight
2 -
Antivirus profile
2 -
VoIP profile
2 -
Traffic shaping profile
2 -
Web profile
2 -
FortiAP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
trunk
2 -
NAC policy
1 -
SDN connector
1 -
4.0MR1
1 -
Users
1 -
Subscription Renewal Policy
1 -
FortiCWP
1 -
FortiNDR
1 -
Web rating
1 -
Application signature
1 -
Authentication rule and scheme
1 -
Multicast routing
1 -
Zone
1 -
FortiManager-VM
1 -
Fabric connector
1 -
Internet Service Database
1 -
Fortinet Engage Partner Program
1 -
System settings
1 -
Explicit proxy
1 -
TACACS
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.