FortiClient SSL VPN not connecting, status: connecting stops at 40. Unable to establish the VPN connection. The VPN server may be unreachable -5

This is a repost of a post from an old blog, made on January 13, 2012, that used to be on:

http://adminramble.com/forticlient-ssl-vpn-connecting-status-connecting-stops-40/

Original post:

Today I got a phone call from a client who wasn’t able to connect to his VPN, he was constantly getting Unable to establish the VPN connection. The VPN server may be unreachable error when he tried to connect, while everybody else was connecting without a problem.

His FortiClient status would always stop at 40 when connecting.
There can be several things that can cause this problem, one of them might be an improper TeamViewer upgrade.

Besides TeamVIewer you might also check if you’re using some other VNC based remote access software on the problematic PC, try disabling it or uninstalling to check if it will get your FortiClient working (I had problems with computers that had TeamViewer and Gbridge installed at the same time).

UNINSTALL YOUR OLD VERSION OF TEAMVIEWER WHEN UPGRADING

If you are upgrading your old version of TeamViewer be sure to uninstall the old one before you install the new version, otherwise you will have both versions installed and problems with your FortiClient.

It seems that besides FortiClient, Windows gadgets also wont work properly if you have two versions of TeamViewer installed. (Specifically, the default weather gadget in Windows 7 wasn’t getting new data because of it)

Cisco VPN client minimizes to taskbar immediately when opened

This is a repost of a post from an old blog, made on June 1, 2012, that used to be on:

http://adminramble.com/cisco-vpn-client-minimizes-taskbar-immediately-opened/

Original post:

I had some problems with Cisco VPN client 5.0.07 today, when I would start it, it would just go straight to taskbar, the window would stay minimized and wouldn’t open when I click on it. The only way to open it was to hover with the mouse pointer over the taskbar and then right-click the pop up window and click ‘Maximize’. I little time on Google and I found the solution to the problem.

The problem can be fixed by editing the vpnclient.ini file inside the “C:\Program Files\Cisco Systems\VPN Client” folder as is stated in one of the answers on this page.

Edit the following lines (if you have numbers bigger then 42949 like 4294916329 just delete everything but the first five numbers, and leave 42949, that worked for me.):
WindowX=42949
WindowY=42949
You can put smaller numbers in the values it will work also.
On Microsoft Answers someone also said that the problem can be the values of (they were 0 in my case but it they are also high numbers change them to 0:
LogWindowX=0
LogWindowY=0

Cisco VPN client: error 56, service starts and then stops when you try to start it manually

This is a repost of a post from an old blog, made on January 3, 2012, that used to be on:

http://adminramble.com/cisco-vpn-client-error-56-service-starts-and-then-stops/

Original post:

I was installing Cisco VPN client on a laptop today and after the installation whenever I tried to run it I got

Error 56: The Cisco Systems, Inc. VPN Service has not been started. Please start this service and try again.

So naturally I went to Administrative tools > Services and tried to start Cisco VPN service, but whenever i tried I got:

service on local computer started and stopped.some services stop automatically if not in use by other services or programs.

I tried reinstalling Cisco VPN client but I still got the same error. The solution that worked for me was to turn off Internet Connection Sharing (ICS)

Go to Administrative Tools > Services > right click Internet Connection Sharing and go to Properties > On General tab stop the service and change startup type from Automatic to Manual

How to make a bootable USB thumb drive with Windows, Linux or some other operating system or utility

This is a repost of a post from an old blog, made on December 16, 2012, that used to be on:

http://beginner.adminramble.com/bootable-usb-thumb-drive-windows-linux-operating-system-utility/

Original post:

In one of my previous posts I wrote how to put a Windows 7/8 installation on a USB stick with Windows 7 USB/DVD download tool.

Now I present you Universal USB installer.
It is a tool for an automatic creation of bootable USB installations or Live Linux distributions.
It supports a wide array of different Linux distributions and operating systems like Ubuntu, Mint, Debian, Backtrack, Fedora, OpenSUSE, CentOS, Windows Vista/7/8 and some rescue software and utilities like Hiren’s Boot CD, Ultimate Boot CD, DBAN and many others.

The program is very easy to use, you simply plug your USB stick in the computer, run the program, select the desired operating system or utility, select the location of the ISO file (you can also select to automatically download the unnecessary ISO file if you don’t have it) and select the drive letter of the USB stick which you want to make bootable.
With some OS like Ubuntu you will also have a option of setting the size of the persistence file so you can store changes you make to your OS.


Notice:
Program by default only shows you drive letters for external storage, but If you plug your USB stick after you have run the program, you won’t have the option of selecting it from drop-down menu in step 3, in that case you will either have to mark show all Drives option (be careful not to select the wrong letter), or start the program again.

You can download the program from here.

How to make port forwarding or Static NAT on Fortigate

This is a repost of a post from an old blog, made on December 28, 2011, that used to be on:

http://adminramble.com/fortigate-port-forwarding/

Original post:

On FortiGate devices Static NAT or Port Forwarding is made through the Virtual IP feature.

To map a port on an outside address to a internal ip you need to do two things:

  • Create a Virtual IP entry
  • Create a firewall policy for the virtual ip to allow traffic inside the network
HOW TO CREATE A VIRTUAL IP ENTRY THROUGH WEB INTERFACE ON FORTIGATE:
  • Go to Firewall > Virtual IP > Virtual IP
  • Click on Create New and make a new vip e.g. 10.10.10.10_rdp
  • select external interface on which you will be receiving traffic, e.g. wan1
  • if not set, set type to Static NAT, and put an external address (you can either put one of the public addresses you have by you ISP or, if you have dynamic or a single IP address, you can leave 0.0.0.0 as external address)
  • set mapped ip address, in this case it’s 10.10.10.10, and tick port forwarding
  • select TCP and on external service port put the port on which you are listening, e.g. 3389 for Remote Desktop access
  • on Map to Port put the service port on the inside address, e.g. 3389 if you’re using standard RDP access, and press OK to make the Virtual IP
HOW TO CREATE FIREWALL POLICY FOR VIRTUAL IP ON FORTIGATE:
  • Go to Firewall > Policy > Policy and select Create New
  • Set Source Interface/Zone to listening interface, e.g. wan1
  • set source address to all, and Destination interface to interface connected to the mapped ip network, e.g. internal
  • set destination address to the Virtual IP name, e.g. 10.10.10.10_rdp
  • leave schedule always (unless you only wanted to be accessible at certain times), service ANY and action ACCEPT
  • click OK to make the firewall policy