Open michelep opened 2 years ago
What kind of output are you getting in ~/.openfortigui/logs/openfortigui.log? There will also be a log for the specific profile under ~/.openfortigui/logs/vpn/ as well.
Here is:
INFO: Start tunnel.
ERROR: Gateway certificate validation failed, and the certificate digest is not in the local whitelist. If you trust it, rerun with:
ERROR: --trusted-cert 19f4b4e19091bf6c7f70fd6b6b3a97ff21e4c58b3eff3e283eXXXXXX
ERROR: or add this line to your configuration file:
ERROR: trusted-cert = 19f4b4e19091bf6c7f70fd6b6b3a97ff21e4c58b3eff3e283eXXXXXX
ERROR: Gateway certificate:
ERROR: subject:
ERROR: C=IT
ERROR: ST=XXX
ERROR: L=XXX
ERROR: O=XXXX
ERROR: CN=vpn.XXX
ERROR: issuer:
ERROR: C=NL
ERROR: O=GEANT Vereniging
ERROR: CN=GEANT OV RSA CA 4
ERROR: sha256 digest:
ERROR: 19f4b4e19091bf6c7f70fd6b6b3a97ff21e4c58b3eff3e283e7XXXXXXXXXXXXXX
INFO: Closed connection to gateway.
And this is the openfortigui.log:
ott 11 10:24:38 openfortiGUI::Debug: start vpn: "XXXX" active-tab:: 0
ott 11 10:24:38 openfortiGUI::Debug: add logger "/home/michelep/.openfortigui/main.conf"
ott 11 10:24:38 openfortiGUI::Debug: Start vpn:: "XXXX"
ott 11 10:24:38 openfortiGUI::Debug: tiConfVpnProfile::readVpnProfiles() -> vpnprofile found: "/home/michelep/.openfortigui/vpnprofiles/XXXX.conf"
ott 11 10:24:38 openfortiGUI::Debug: vpnManager::onClientConnected()
ott 11 10:24:38 openfortiGUI::Debug: client api helo command:: 0 ::name:: "XXXX"
ott 11 10:24:38 openfortiGUI::Debug: client disconnected:: "XXXX"
ott 11 10:24:38 openfortiGUI::Debug: vpnManager::onClientVPNStatusChanged() "XXXX" status 0
ott 11 10:24:38 openfortiGUI::Debug: MainWindow::onClientVPNStatusChanged:: "XXXX" ::status:: 0
ott 11 10:24:38 openfortiGUI::Debug: 1633940678985 bytes avail:: 1677
ott 11 10:24:38 openfortiGUI::Debug: certificatefailedrequest from vpnmanager
ott 11 10:24:39 openfortiGUI::Debug: VPN process "XXXX" error occurred!
ott 11 10:24:39 openfortiGUI::Debug: VPN process "XXXX" finished!
ott 11 10:24:40 openfortiGUI::Debug: tiConfVpnProfile::readVpnProfiles() -> vpnprofile found: "/home/michelep/.openfortigui/vpnprofiles/XXXX.conf"
ott 11 10:24:40 openfortiGUI::Debug: tiConfVpnProfile::readVpnProfiles() -> vpnprofile found: "/home/michelep/.openfortigui/vpnprofiles/XXXX.conf"
ott 11 10:24:40 openfortiGUI::Debug: MainWindow::refreshVpnProfileList() -> vpnprofiles found:: "XXXX"
ott 11 10:24:42 openfortiGUI::Debug: stop vpn:: 0
Hi rhelms, any news? Can i help in some way?
I thought it might have been an issue similar to mine (#158 ), but it's not.
I've since given up on using the GUI and have elected to use the command line openfortivpn with a config file and hide the terminal in the systray via KDocker.
Seems that also the latest OpenFortiGUI ignore trusted_certs fingerprint in vpnprofiles.
I've tried updating openfortivpn at the latest (GIT) release, without any success. When i connect to my VPN provider, openfortigui asks me if i want to add SSL fingerprint to trusted_certs. I accept but nothing happens, VPN doesn't connect.
In profile file i have: