| Description |
This article will describes how to resolve the issue when the user is unable to connect to the SSL-VPN while the host check was enabled.
Below is the error output when the user is trying to connect to the SSL-VPN.
 |
| Scope | |
| Solution |
It is necessary to understand the different host check types for troubleshooting.
Realtime Antivirus: In this case the client can use the built-in anti-virus or any 3rd party anti-virus which needs to install and run while the user is trying to connect to the SSL-VPN.
Firewall: In this case the built-in windows firewall needs to be on enabled mode for both private and public domain.
Enable both: In this case both antivirus and windows firewalls need to be enabled and run perfectly while the user is trying to connect.
If the above conditions are not matched, then the user will get the error while connecting to the SSL-VPN.
In some cases, the firewall configuration might be correct but due to the anti-virus and firewall issue on the user side, it will be failed to log in to the SSL-VPN.
For using the host check, an antivirus is not required to be installed on the PC, if it is used only as firewall mode.
Related Articles https://community.fortinet.com/t5/FortiGate/Technical-Tip-MAC-host-check-on-SSL-VPN/ta-p/194337
|
