Closed wildborn closed 1 year ago
I see a log with an authentication error. Is the password incorrect? Please give some context.
I've checked password requires to be updated which is why this error -7 is coming so Please let me know how to generate new password or open the prompt for new password .
I see. You cannot do that with openfortivpn. Neither openfortivpn nor openconnect support that. How to achieve that might depend, or not, on the back-end behind the Fortigate that handles authentication.
I have read Secure LDAP and AD Password Change via Forticlient which addresses what happens on the server side. As you can see, the proprietary client can detect that the password needs to be changed:
openfortivpn -v -v -v
) would provide enough information to at least understand how to detect that the password needs to be changed.In the short term, you might be able to change the password by connecting to the gateway with a browser, before using a VPN SSL client.
I've tried this GUI setup too but its not prompting for this sort of password change. Suggest me something which can resolve this issue as by using VPN SSL Client it prompts an error of -455.
I am not sure I follow. What sort of "GUI setup" have you tried? If you are using the proprietary client, and it cannot change the password, why would you expect openfortivpn to be able to change it?
Are you certain the Fortigate is configured to change the password when logging in remotely, either from the web portal or a VPN SSL client?
By the way, I was able to find information on setting password renewal on the Fortigate, but unfortunately no information on the protocol between the Fortigate and the client:
I still lack context. Are you an administrator of the Fortigate? A simple end-user? In the latter case, how did you check "password requires to be updated"?
Thanks for helping! well here's the main thing that I'm end user. Although GUI refers to SSL Client used in windows and in CLI its showing the error where tried to debug and found the error posted above.
I still don't understand. Have you tried the proprietary FortiClient? If so, are you able to change the password with the proprietary FortiClient?
I cannot make any sense of "GUI refers to SSL Client used in windows". Which exact GUI? Please add links, names, context. Do spend much more time providing complete information and explanations, so that I do not have to spend time trying to understand and ask questions.
Yes I was referring to ssl client which was used on windows as it changed the password and now its working. Sorry:) Thanks !!
You don't make any sense. Which ssl client was used on windows?
lol
Yes, that's exactly what I feel :smile: You never answer my questions – perhaps answering your own questions, but that's not a dialogue.
I'm really sorry for that 😅 and this was the ssl client also it worked later on somehow although might be stuck as the new password prompt wasn't coming while using this incase of expired password.
Once again thanks for so much support you provided and sorry for unable to make you understand. :)