Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
edgar1
Staff
Staff

Created on ‎06-16-2016 06:37 AM

Article Id 190845

Technical Note: Cannot connect to SSL VPN, FortiGate 5.4 (Windows 7 and XP)

Description
This article addresses the error message "Cannot connect to VPN. The VPN server could be unavailable." which may be seen when Windows 7 or Windows XP tries to connect to SSL VPN when using v5.4.

Scope
FortiGate All Models, Firmware v5.4

Solution
In firmware the protocols SSLv3 and TLSv1 are disabled by default.  Both Windows 7 and Windows XP use these protocols to negotiate and connect through VPN SSL.

The solution is to enable these protocols on vpn ssl settings
# config vpn ssl setting
# set sslv3 enable
# set tlsv1-0 enable
# end
Care should be taken with the use of these two protocols, both are considered vulnerable.  It is for this reason that the default setting is 'disabled' on firmware 5.4.

Labels:
8924
0 Kudos
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.