We are using a FortiGate 60F, to which we usually connect over VPN using the FortiClient app. Everything used to work fine, but for the last two or three days, we have two users that cannot connect and receive the "Unable to logon to the server. Your username or password may not be properly configured for this connection. (-12)" error message at 80%.
- It's just two users that are having the problem. I asked other users (also normal users, see below) and they work fine.
- I personally have two users (one admin and one normal), and my admin user can connect from the same laptop and network that my normal user cannot. Both users have similar (not equal) passwords with the same special characters.
- I tested on different networks and devices (mobile phone, laptop, home network and cellular network).
- I can use my normal user to log in to the VPN web portal (although it is configured to allow tunnel-mode only)
- I tried resetting the password for the normal user, and nothing. Password is not expired, user is not blocked.
- It used to work fine until a couple of days ago. All other users work fine (I tested with some, but no one else has reported it).
(Update)
- The other user restarted his computer after changing the password and it works.
- I tried changing my password and restarting to no avail.
- On my iPhone I deleted the FortiClient 6.0 (Legacy) application and installed the new FortiClientVPN app. With both, I get "Internal Error" while trying to connect. An incorrect password shows a message about "incorrect credentials." This happened before changing my password, and still happens after.
- I checked the FortiGate VPN logs, and they show a tunnel-up (tunnel established event) immediately followed by an ssl-exit-error without additional details.
(End Update)
As for configuration:
- FortiOS 7.0.5, latest release.
- We have it linked to an LDAP server, with two user groups: IT (for admin) and VPN (for normal users).
Any ideas?
Thanks,
Luis