FortiClient VPN SSLVPN on Android no longer working

VPN
1

Hey guys,

I just installed the 7.0.14 update over the weekend and now, FortiClient VPN on Android is no longer authenticating.

We use Okta SSO to authenticate with FortiClient. We get the Okta login just fine but while it authenticates, the browser in the app goes to 127.0.0.1:8020 and says site can’t be reached. When we close the browser, the FortiClient app shows “Could not retrieve auth ID” and the connection fails.

We had users connect on Friday just before the update and since the update was caused by an SSLVPN vulnerability, I suspect FortiClient added additional settings or whatnot which is preventing our tablets and phones from connecting.

Our laptops connect without issues.

Anyone else having these issues?

Edit: Just got off the phone with FortiGate support. There is apparently an update to the Android VPN app that should be available next week so hopefully, that fixes the issue.

Edit2: It’s bug number 0924259 for the FortiClient. The update is going to be 7.2.2.

2

Ran into this today. This is a fix just make sure you can still login with your PC/Mac Forticlients after

3

Not sure if you’re using LetsEncrypt and older Androids. LetsEncrypt dropped support for Android 7.0 and older on Feb 8th 2024 (by dropping cross-signing by default).

https://letsencrypt.org/2023/07/10/cross-sign-expiration.html

4

Same here, case is open but no movement

5

Beta vpn apk from forti is work without problem.
Build 7.2.2 0123

6

Tested this today with the the app version that I can find in the Store (version 7.2.2.0127) and still having issues. Can somebody else confirm it is already working fine for them?

Thanks

7

Did it ever get fix ?

8

Having the same exact issue here after the 7.0.14 upgrade, though we use Azure SSO. Do you get an Untrusted Certificate error when connecting to the Forticlient VPN on your devices?

9

Yep, experiencing the same issue. Now I can’t clock in and out for lunch on my phone haha.

Android 14
FortiClient 7.2.1.0118
Gate updated to 7.0.14

10

I have same issue after upgrade FortiOS to 7.0.14.
On multiple Android devices cannot establish connection using Forticlient SSL VPN with Azure SSO.

11

Doing this fixed the phones but the desktop client no longer connected. I had to change it back to 8020

12

Yup… I am trying to schedule a screen share. The support rep doesn’t seem to understand the issue which is baffling since I’m clearly not the only one who is having this issue.

13

I have just logged a call as well.

We don’t think this impacts all Android clients - does anyone have some working and some not?

14

Yes it is the fix. Is it downloadable from the play store yet?

15

can you share the APK please ?

tks

16

Things are getting more and more interesting. With a number of test devices, the issue occurs. However, one of our intermediate managers is not experiencing this issue at all. For the life of me I can’t find any difference with his configuration and the configuration that we have on our test devices. Any hint? thanks!!

17

Nope, the certs seems okay. I did try to disable trusted cert settings in the Android app to see if it’s a cert issue but no dice. I opened a ticket with Fortigate support to see what the issue could be.

18

Yes I get that error as well but after accepting the cert it worked.

19

That’s a good question. All of ours are not working but I’m curious about others. I can’t find the toggle for using an external browser on Android.

20

No, opened case, I got it for test.