search

theinvisible / openfortigui

VPN-GUI to connect to Fortigate-Hardware, based on openfortivpn
https://hadler.me/linux/openfortigui/
GNU General Public License v3.0
489 stars 54 forks source link

It is not working with ubuntu 20.04 Beta #110

Closed lucasapereira closed 4 years ago

lucasapereira commented 4 years ago

DEBUG: Setting min proto version to: 0x301 ERROR: SSL_connect: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small You might want to try --insecure-ssl or specify a different --cipher-list

filippolmt commented 4 years ago

I have the same problem with the stable version: ERROR: SSL_connect: error:141A318A:SSL routines:tls_process_ske_dhe:dh key too small You might want to try --insecure-ssl or specify a different --cipher-list

theinvisible commented 4 years ago

Please checkout here: https://hadler.me/2020/04/openfortigui-ubuntu2004-status/

prynhart commented 4 years ago

@theinvisible - Is the above URL correct ? I'm getting:

Screen Shot 2020-05-08 at 10 16 34 AM

prynhart commented 4 years ago

Ah - it's just Safari that is unhappy with the cert. Got there via another browser. Thank you

prynhart commented 4 years ago

Update: Works beautifully with your preview build openfortigui_99.9.1057-1_amd64_focal.deb :-)

juan-rey commented 4 years ago

Latests packages did not work for me. But I have tested openfortivpn commandline and I have found a workaround; set --cipher-list 'DEFAULT:!DH'

gabviv73 commented 4 years ago

Latest build from homepage works. To detect ubuntu version, make lsb-release a dep:

lsb_release -a

No LSB modules are available.
Distributor ID: Ubuntu
Description:    Ubuntu 20.04 LTS
Release:    20.04
Codename:   focal
theinvisible commented 4 years ago

This seems also to be more like a generic problem when new openssl versions and older fortigate firmwares are used and unsecure ciphers are disabled. Please check you have a current firmware installed on your fortigate.