NSE Training

Expand all | Collapse all

SSL-VPN Secure Connection Failed

  • 1.  SSL-VPN Secure Connection Failed

    Posted May 26, 2020 01:52 PM
    Hello,

    I'm a novice at using FortiGate and I'm testing out Remote Access using SSL-VPN but I'm having issues when I access the Portal Site (See attachment no. 4). I am attaching the test configurations I have, I must be missing something.

    Attachments:
    1. SSL-VPN Settings
    2. SSL-VPN Portals
    3. IPv4 Policy
    4. Browser Error

    Appreciate your help.


  • 2.  RE: SSL-VPN Secure Connection Failed

    Posted May 26, 2020 06:29 PM
    Hello,

    172.20.120.123 is not a public ip address, you need a public IP address to have access to the SSL-VPN interface from outside your network.

    Regards.


  • 3.  RE: SSL-VPN Secure Connection Failed

    Posted May 26, 2020 07:30 PM
      |   view attached
    Hi Marcos,

    Thanks for your reply.

     I'm using GNS3 VM to simulate , attached is my test topology, will it not work on it?


  • 4.  RE: SSL-VPN Secure Connection Failed

    Posted May 27, 2020 12:22 AM
    Yes, you can use GNS3, I think the PC need to be connected from the 172.20.120.0 LAN to simulate a remote pc. 

    Regards.

    ------------------------------
    Defend Your Enterprise Network With Fortigate Next Generation Firewall
    ------------------------------



  • 5.  RE: SSL-VPN Secure Connection Failed

    Posted May 27, 2020 09:39 AM
    I actually run a route add command on my PC like below

    route add 172.20.120.0 mask 255.255.255.0 192.168.150.254

    Basically, I am able to manage the Fortigate from my PC. But I don't understand why I get an error when I access the portal site.



  • 6.  RE: SSL-VPN Secure Connection Failed

    Posted 21 days ago
    I think you need to allow internal traffic back to the SSL-VPN Tunnel interface.
    add a policy from internal to SS-VPN interface.

    Internal--> SSL-VPN interface



  • 7.  RE: SSL-VPN Secure Connection Failed

    Posted 21 days ago
    Actually I take that back, you wont need that for web access.


  • 8.  RE: SSL-VPN Secure Connection Failed

    Posted May 28, 2020 12:37 PM
    switch your browser and test again



  • 9.  RE: SSL-VPN Secure Connection Failed

    Posted May 28, 2020 05:20 PM
    Yeah i tried IE, Firefox and Chrome and nothing worked.


  • 10.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago
    What URL do you use to mange the FortiGate and which one do you use to get to the SSLVPN? Assuming you are still working on it.


  • 11.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago
    http://172.20.120.123 for management then https://172.20.120.123:10443 for SSL-VPN


  • 12.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago

    Looking at the error "no common encryption algorithm", you are getting a connection but your browser does not support the needed encryption. Sounds like the browsers in the lab need to be updated. Another option might be if you are using a trial license VM, as that does not support SSL. 

    "https://support.mozilla.org/en-US/questions/1162402"




  • 13.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago
    You are right, I am indeed using a trial license VM. So I guess I won't be able to test my SSL-VPN config after all.


  • 14.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago
    An old browser might work, or googling and lowering your browser security, but not sure. You may want to check with Fortinet and see if you can get a 15/30 day demo license and that will give you full functionality. That may be a partner only option though. Good luck.


  • 15.  RE: SSL-VPN Secure Connection Failed

    Posted 28 days ago
    Will do, thanks so much!


  • 16.  RE: SSL-VPN Secure Connection Failed

    Posted 25 days ago
    switch your browser and test again



  • 17.  RE: SSL-VPN Secure Connection Failed

    Posted 25 days ago
    I dont think so it will work as you are not using full license based VM.