FortiClient VPN connection issue

In this note, users may be experiencing FortiClient VPN connection issues at the following percentages. This note provides the following solutions and tips to address the issue.

Percentage and possible problem:

Possible problems and percentages:

  1. If it stays at %10
  • The issue is typically caused by a network connection.
  • Check if the PC has access to the internet and can reach the VPN server at the required connection point.
  • Check if the correct remote Gateway and connection point are configured in the FortiClient settings.
  • You also need to verify if the server certificate is selected in the FortiGate SSL VPN settings.
  1. If it stays at %40
  • This can also be caused by FortiClient opening a new window asking to continue despite the certificate not being trusted.
  • SSL/TLS Certificate Control.
  • This means there is a TLS version mismatch and usually shows Error -5029.
  • Sometimes the cause of the error is an application or FortiGate resulting from the local machine/network setup.
  1. If it stays at %48
  • 2FA issue.
  1. If it stays at %80
  • At this stage, check if the username and password are entered correctly.
  • Check the user and user group and it usually occurs if the user is not in the correct user group with VPN access.
  • If a person configured the user group in the SSL VPN settings, always configure the user group in the firewall policy and if the user is configured in the SSL VPN settings, configure the user in the firewall policy.
  • The relevant policy is not configured for users.
  • Also, check if the correct Realm is used if configured.
  1. If it stays at %98
  • At this stage, the issue is typically caused by a corrupt installation of FortiClient or issues with the operating system.
  • Check by reinstalling the FortiClient software on the PC.
See also  Apply IPS filtering on Fortigate

If there is no percentage and no errors occur

You can get information about the cause of the issue by looking at the FortiClinet logs. In a situation I encountered, it was reported that the issue occurred because the Phone Service was not working. When the Phone Service was started, it was observed that the problem was resolved.

Error log:

vpn user= msg=Telephony service (TapiSrv) is not running.Telephony service (TapiSrv) is not running.

Leave a Comment