![]() ![]() Just hoping that some people will have some suggestions on where to go from here. I've googled for a while and haven't found anything close to the issue we are having. ![]() The example above is what happens to all effected users and it doesn't seem to matter what version of the software they are running. she can then log in without an issue until this happens again in a couple of weeks or months. You can use either FortiAuthenticator as your CA or a trusted private CA.In order to implement SSL inspection, you also need to add another security profile to your policy controlling Internet traffic. close the vpn client, open it again and the new certificate is already displayed. In this method, you obtain a CA -signed certificate and install this certificate on your FortiGate to use with SSL inspection. connect over teams and have her install it. As a stopgap until I fix the issue I will pull up mmc and enroll on behalf of the user and create a new user.pfx cert for her. Though If you pull up mmc and look at the users personal store there are 3 valid ssl certificates to include the vpn certificate that was renewed 3 days ago. Just certificates from Microsoft and adobe. On closer inspection forticlient was not displaying any personal certificates. When she attempted to connect this morning she received a certificate error at 40% and failed to connect. User was Connected to the vpn all day yesterday and had no issues and disconnected for the night. In the beginning we had maybe 2 people with this issue and over time it has increased and now effects 18-20 and once this happens to someone the first time it becomes a recurring issue. We have roughly 106 people that have vpn access. This has been something that we have been dealing with for the past 2-3 years and lately it seems to be effecting more users. Authentication via radius on the pki server. ![]() Fortigate 301E running 6.4.5 Forticlient vpn versions 6.4 up Internal PKI on server 2016 dishing out and autorenewing certs to all users in the vpn users group. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |