So if you need to connect a FortiGate VPN with cerdential AND a psk, you're not connecting an SSL VPN but an IPSEC IKEv1 mobile VPN and so you cannot use Forticlient. The wizard create a MOBILE IPSEC IKEv1 tunnel and Forticlient Linux do not provide an interface to connect an IPSEC VPN (But Forticlient Windows does).įorticlient Linux is only design to connect Fortigate SSL VPN which is a "ppp" VPN using SSL. This type of VPN is automatically created when using FortiGate vpn wizard to create a vpn endpoint for mobile client. Fortinet TAC support confirm it on case #5378335 which was closed by TAC on with no other solution that open an NFR (New Feature Request) at Fortinet's developpers team.įorticlient Linux do not include the capability to connect a MOBILE IPSEC IKEv1 vpn endpoint with a username, a password and a PSK.
Sorry for everybody suggesting to install the official FortiClient but it DO NOT solve the problem here. Sorry to post twice in the same day, but I think lots of people wants to help but do not have properly understand the issue we're disscuss here. (FortiGate support TAC do not help on this problem, they do not know that there are differences between FortiClientVPN Windows and FortiClientVPN Linux) Hope it will help Linux user to EASILY connecting FortiGate IPSEC mobile VPN which is automaticaly created by Fortigate wizard. The error is: ": handshake failed returned -1, SSL error code 1, net_error -202" You may find a handshake error in logs but it's not a real problem, the connection work. Let all others parameters empty or to their default valuesĪnd simply start it from your desktop connection manager.PFS (Perfect Forward Secrecy) = Group DH 5.
NAT-TRAVERSAL = NAT-T if availiable (default).Cryptographic methode = Secure (default).groupe password = "ipsec psk" = yourpsk (groupe name = "ipsec group id" = 0 (Select VPNC for the type of the VPN connexion.open your connection manager and add a new VPN connection.Install network-manager-vpnc-gnome or network-manager-vpnc-kde or network-manager-vpnc depending on your desktop (use yum, apt or whatever packet manager of your distrib or build it from source) Thanks to Dusan Mijatovic for it previous post on this page. It can be use where Forticlient Linux is not usable (it do not have IPSEC tab to configure a mobile IPSEC access)
So, following this if you are under Linux make it easy to connect the standard IPSEC mobile VPN the Fortigate wizard create. It works with the following parameters if on the Fortigate, the VPN was created using the wizard (and no particular tuning had been done) Reading this topic, I was able to connect to the "standard Fortigate IKEv1 IPSEC VPN for Mobile client".
0 kommentar(er)
