we do have a lot of problems with the ssl vpn of the FortiClient (the one that is available over the Microsoft Store) and Windows 11 clients. Windows 10 clients are working just fine.
It seems that the tunnel is ‘up’, at the client side and also the fortigate site, but no traffic is going through the tunnel. On windows you don’t see any recevied packets and on the fortigate there are 0/0 Bytes Send/Received. (With 10 attemps of disconnecting and connecting the tunnel, sometimes the tunnel is working just fine. So it seems technically that the client could work.
Unfortunately I don’t find any useful logs on the windows client and the eventlog just says - yup vpn tunnel is up.
There appears to be limited documentation from FortiGate regarding this Microsoft Store app. We are currently using version v1.0.1041.
We would really like to keep that vpn client, as you have the native windows vpn feeling with that plugin type of vpn…
Are you using the FortiClient from the Microsoft Store and don’t face any Windows 11 problems?
Thaaaanks
**Update**
It looks like the Windows 11 24H2 update is causing issues with the VPN client. I reached out to Fortinet, and they confirmed that the Microsoft Store FortiClient is neither supported nor updated—it hasn’t received any updates in years.
Unfortunately, this means the issue cannot be fixed, as the client is no longer (or perhaps never was) officially supported.
I have dabbled with it not that long a go because it was the only FortiClient compatible with ARM socs. Too my surprise it was even worse than the “real” FortiClient.
The problem only occurs in the Windows 11 24h2 system, on older versions the client works without any problems.
Interestingly, after a few minutes, sometimes the client starts working properly, sometimes you just need to connect and disconnect a few times - you never know.
Any idea what the actual issue might be? I have two Windows 11 PCs, one running 23H2 and the other 24H2. The Microsoft Store version of FortiClient works ok on the box running 23H2, but on the one running 24H2 any attempt to activate the VPN will completely block all network traffic. The full client works just fine on 24H2.
I can’t get it why it needs many retries for me to able to achieve the connection. One good thing here is the I can connect after many attempts. Unlike my other provider is always getting no packet transmission after being connected. Hoping that MS could do something on this or even from Fortinet.
Seems so… Thanks MS for that. And thanks Fortinet to not update the Micorosft Store App.
Funny note: They still have sample screenshots, how to configure the App on a Windows Phone, on the ‘Windows-App-User-Guide’ they refer on the FortiClient Info page.
In my case, it does not completely block all network traffic. However, since you are using a DNS server over the VPN tunnel and it is unable to function, it appears as though no network traffic is working.
For example, you can still ping 8.8.8.8 after the VPN tunnel is up, but no VPN traffic is actually working, including DNS resolution via DNS servers that are ‘behind’ the VPN tunnel.
If you think it’s genuinely a problem of the client and can be for example reproduced on a clean, updated, install of Win11, then you can try reporting it to TAC. There may be some friction due to reporting an issue with a thing not covered by a support contract, but if they’re nice they may push it up to at least get looked at.
But I’m not sure if it’s getting any attention nowadays, so it may as well end up as “ok that’s wrong, but it’s not worth fixing for us”.
Yup - problem also exists on a standard/fresh installed Win11 (Version 24h2)
I opened a TAC a few days ago. Maybe we’ll get some information here, but I don’t have much hope since the client seems to be really outdated. I’ll keep you updated
Thanks MS for that. And thanks Fortinet to not update the Micorosft Store App.