IC Knowledge Base

Technical Note: Error ’Unable to establish the VPN connection. The VPN server may be unreachable. (-5)’ on FortiClient with SSL VPN

FortiClient

FortiGate v5.4

Description

 

This article provides the solution when the error "Unable to establish the VPN connection. The VPN server may be unreachable. (-5)" is obtained in FortiClient trying to connect to the SSL VPN and it is stuck at 40% after upgrading to 5.4.x from 5.2. or earlier.

Solution

 

This error may occur because the default settings for encryption have changed in FortiOS v5.4.

1. On the FortiClient (Windows) workstation, go to Internet Explorer > Options > Advanced.

2. Change the TLS settings to match those settings on the FortiGate.

For example, if TLS 1.1 and TLS 1.2 are enabled on the FortiGate, enable them in Internet Explorer as well.

4.5 (8)
Article Rating (8 Votes)
Rate this article
Attached Files
There are no attachments for this article.
Comments (1)
Comment by Nadeem khan on Tue, Jan 8th, 2019 at 12:30 PM
thanks dear its working 1. On the FortiClient (Windows) workstation, go to Internet Explorer > Options > Advanced. 2. Change the TLS settings to match those settings on the FortiGate. For example, if TLS 1.1 and TLS 1.2 are enabled on the FortiGate, enable them in Internet Explorer as well.
Name
Email
Security Code Security Code
Related Articles RSS Feed
Fortigate Phase 2 Keep Alive
Viewed 3187 times since Thu, Jul 26, 2018
Full (Deep) SSL Inspection - Avoid certificate errors
Viewed 7101 times since Thu, Jul 26, 2018
Fortigate DC Replication RPC port 135 Session-Helper
Viewed 6345 times since Wed, Dec 6, 2017
Fortigate Hairpin NAT
Viewed 13482 times since Fri, Aug 4, 2017
FortiGate MAC host check on SSL VPN
Viewed 7484 times since Fri, Aug 31, 2018
Technical Note: Custom NTP server configuration
Viewed 4297 times since Fri, Aug 11, 2017
Technical Note: DNS resolution not working when DNS Server configured to ’Same as Interface IP’
Viewed 9553 times since Wed, Aug 9, 2017
Fortigate SSL/TLS Handshake fails
Viewed 7731 times since Wed, Dec 6, 2017
How to configure DNS based FortiGuard web filtering with FortiOS v5.4
Viewed 6640 times since Wed, Aug 2, 2017
Internet Central Limited, Innovation Centre 2, Keele Science Park, Keele, Staffordshire ST5 5NH
Registered Office: Ivy House Foundry, Hanley, Stoke-on-Trent, ST1 3NR
Registered in England: Reg No. 03079542 VAT Reg No. GB 278 923 705
Contact Us |Terms & Conditions |Legal, Privacy and Cookies
All prices exclude VAT E.&O.E © 2015 Internet Central

All trademarks and logos appearing on the site are the property of their respective owners