Forticlient SSL VPN - SSLVPN down unexpectedly with error:6

Good morning everyone,
I moved from FC23 to FC25 with a completely fresh installation. For work reasons I need the Forticlient VPN and, as I did for FC23, I followed the steps described at the link http://kb.arubacloud.com/en/computing/recovery-console/installing-and-connecting-forticlient-ssl-vpn-in-linux.aspx but unfortunately something strange happens.
The connection is established after entering the PIN code received via SMS, but it is closed immediately. If instead I tick "Keep connection alive until manually stopped", the connection keeps closing and it keeps asking for and sending me the PIN code as if it were a new request.
I have been trying all sorts of things for 3 days :wall:

The version is forticlientsslvpn_linux_4-0-2281.rpm

I am also attaching the connection logs:

more forticlientsslvpn.log

07/11/2017 10:29:04 [4182] no Content-Length
07/11/2017 10:29:04 [4182] cookie: SVPNCOOKIE=27xeB7MqgFXQzFkyVCUJAiuPwapGnE1VMqzwasKB2r1LxPIMcj715TYIihlAkPdQPnd35Y9n8xVCtZhFdoXwua4Ctw
siRaBHba170YkyEA9vfsddEzgS4Yd6jk+typZPEYmKDLpPtJ0jJqBdwu9WuMs8P0IZdWjbS/j7n+ZOVeht+pg/hPLi9CgBDHODJ1puI+x2St9lV3M9eF7cpnSka3ir1FfclNHTiL
lfi+Xn8MXMWNit2oqgP+xhPC0h/GWO
07/11/2017 10:29:04 [4182] no Content-Length
07/11/2017 10:29:04 [4182] no Content-Length
07/11/2017 10:29:04 [4182] 0|remote.server.it|443|1|172.18.0.0/255.255.128.0,172.18.200.0/255.255.255.224,172.18.200.32/255.255.255.22
4,172.24.0.0/255.255.0.0,172.30.32.0/255.255.255.0|27xeB7MqgFXQzFkyVCUJAiuPwapGnE1VMqzwasKB2r1LxPIMcj715TYIihlAkPdQPnd35Y9n8xVCtZhFdoXwu
a4CtwsiRaBHba170YkyEA9vfsddEzgS4Yd6jk+typZPEYmKDLpPtJ0jJqBdwu9WuMs8P0IZdWjbS/j7n+ZOVeht+pg/hPLi9CgBDHODJ1puI+x2St9lV3M9eF7cpnSka3ir1Ffcl
NHTiLlfi+Xn8MXMWNit2oqgP+xhPC0h/GWO|0
07/11/2017 10:29:04 [4160] ssl vpn tunnel started
07/11/2017 10:29:04 [4160] rcv cmd:0 at state[1]
07/11/2017 10:29:04 [4188] server=remote.server.it[remote.server.it] port=443[443] version=1 tunnel=172.18.0.0/255.255.128.0,172.18.
200.0/255.255.255.224,172.18.200.32/255.255.255.224,172.24.0.0/255.255.0.0,172.30.32.0/255.255.255.0 cookie=27xeB7MqgFXQzFkyVCUJAiuPwapG
nE1VMqzwasKB2r1LxPIMcj715TYIihlAkPdQPnd35Y9n8xVCtZhFdoXwua4CtwsiRaBHba170YkyEA9vfsddEzgS4Yd6jk+typZPEYmKDLpPtJ0jJqBdwu9WuMs8P0IZdWjbS/j7
n+ZOVeht+pg/hPLi9CgBDHODJ1puI+x2St9lV3M9eF7cpnSka3ir1FfclNHTiLlfi+Xn8MXMWNit2oqgP+xhPC0h/GWO exclusive routing: 0

07/11/2017 10:29:04 [4188] starting pppd
07/11/2017 10:29:04 [4188] use tty:/dev/pts/4
07/11/2017 10:29:04 [4188] connecting to remote.server.it:443
07/11/2017 10:29:04 [4188] ssl read failed[error:00000005:lib(0):func(0):DH lib]:[Success]
07/11/2017 10:29:04 [4160] rcv cmd:1 at state[1]
07/11/2017 10:29:04 [4160] stopping ssl vpn tunnel[v4.0.2281]
07/11/2017 10:29:04 [4160] kill_child:4188
07/11/2017 10:29:04 [4160] kill_child:4182
07/11/2017 10:29:04 [4188] killing pppd ...
07/11/2017 10:29:04 [4188] kill_child:4191
07/11/2017 10:29:04 [4182] signal rcved, logout now
07/11/2017 10:29:04 [4160] tunnel terminated
begin cleanup linux...
restore /etc/resolv.conf
clean up route...
truncate pppd.log
truncate forticlientsslvpn.log
07/11/2017 10:29:04 [4160] ssl vpn tunnel stopped
07/11/2017 10:29:04 [4160] rcv cmd:2 at state[0]

more pppd.log

using channel 1
Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x477c611d>]
Terminating on signal 2
sent [LCP TermReq id=0x2 "User request"]
Modem hangup
Connection terminated.
using channel 2
Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0xd0af3ef0>]
Terminating on signal 2
sent [LCP TermReq id=0x2 "User request"]
Modem hangup
Connection terminated.
using channel 3
Using interface ppp0
Connect: ppp0 <--> /dev/pts/3
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x54d92d98>]
Terminating on signal 2
sent [LCP TermReq id=0x2 "User request"]
Modem hangup
Connection terminated.
using channel 4
Using interface ppp0
Connect: ppp0 <--> /dev/pts/4
sent [LCP ConfReq id=0x1 <mru 1024> <magic 0x457c0f06>]
Terminating on signal 2
sent [LCP TermReq id=0x2 "User request"]
Modem hangup
Connection terminated.

I need this urgently because without the VPN connection I cannot work!

Thanks in advance
Cristiano

Granted that a version upgrade is perhaps usually preferable, and assuming you followed the same procedure on your F23…

It is not the first time I have heard of problems with VPNs and the new Fedora releases. Usually the problem is related to SSL, and that seems to be the case for you too. Is the certificate invalid, or does it need to be imported manually? Could it be that the certificate is old, or that the server supports only SSLv3 or some protocol no longer considered secure?

Since the service is from Aruba, have you tried contacting them?
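
A triage pass over `forticlientsslvpn.log` lines like those posted in this thread, as an added example that is not part of any post or of the FortiClient software: it picks out the certificate warning, the manual override, the `ssl read failed` line and the tunnel lifetime. The sample lines are constructed from the thread's logs, and reading the bare value 5 as `SSL_get_error()`'s `SSL_ERROR_SYSCALL` is an assumption about how the closed-source client builds that message.

```python
import re
from datetime import datetime

LINE_RE = re.compile(r"^(\d{2}/\d{2}/\d{4} \d{2}:\d{2}:\d{2}) \[(\d+)\] (.*)$")
SSL_ERR_RE = re.compile(
    r"ssl read failed\[error:([0-9A-Fa-f]{8}):lib\((\d+)\):func\((\d+)\):"
    r"([^\]]*)\]:\[([^\]]*)\]"
)

# Return values of OpenSSL's SSL_get_error() (openssl/ssl.h).
SSL_GET_ERROR = {
    1: "SSL_ERROR_SSL",
    2: "SSL_ERROR_WANT_READ",
    3: "SSL_ERROR_WANT_WRITE",
    4: "SSL_ERROR_WANT_X509_LOOKUP",
    5: "SSL_ERROR_SYSCALL",
    6: "SSL_ERROR_ZERO_RETURN",
}

# Constructed sample: messages copied from the two logs in the thread,
# merged into one run with constructed timestamps for the first two lines.
SAMPLE_LOG = """\
07/11/2017 10:28:40 [4182] Peer's certificate is not valid. action is 1
07/11/2017 10:28:42 [4182] user accepted this invalid peer certificate: 1
07/11/2017 10:29:04 [4160] ssl vpn tunnel started
07/11/2017 10:29:04 [4188] connecting to remote.server.it:443
07/11/2017 10:29:04 [4188] ssl read failed[error:00000005:lib(0):func(0):DH lib]:[Success]
07/11/2017 10:29:04 [4160] stopping ssl vpn tunnel[v4.0.2281]
begin cleanup linux...
07/11/2017 10:29:04 [4160] ssl vpn tunnel stopped
"""


def parse(log_text):
    """Yield (timestamp, pid, message) for each timestamped line.

    Lines without the 'MM/DD/YYYY HH:MM:SS [pid]' prefix (cleanup output,
    wrapped HTTP bodies) are skipped.
    """
    for raw in log_text.splitlines():
        m = LINE_RE.match(raw)
        if m:
            ts = datetime.strptime(m.group(1), "%m/%d/%Y %H:%M:%S")
            yield ts, int(m.group(2)), m.group(3)


def triage(log_text):
    """Return a list of findings (dicts) in the order they appear in the log."""
    findings = []
    started = None
    for ts, pid, msg in parse(log_text):
        if msg.startswith("Peer's certificate is not valid"):
            # The client could not validate the gateway certificate.
            findings.append({"kind": "cert_invalid", "time": ts, "pid": pid})
        elif msg.startswith("user accepted this invalid peer certificate"):
            # Validation failure was overridden by hand: the TLS session is
            # then encrypted but the gateway is not authenticated.
            findings.append({"kind": "cert_override", "time": ts, "pid": pid})
        elif msg == "ssl vpn tunnel started":
            started = ts
        elif msg.startswith("stopping ssl vpn tunnel") and started is not None:
            seconds = (ts - started).total_seconds()
            findings.append({"kind": "tunnel_lifetime", "time": ts,
                             "pid": pid, "seconds": seconds})
            started = None
        else:
            m = SSL_ERR_RE.search(msg)
            if m:
                code = int(m.group(1), 16)
                lib, func = int(m.group(2)), int(m.group(3))
                # With lib(0) and func(0) the packed code carries no OpenSSL
                # error-queue origin; the reason text is only how the bare
                # number prints. Assumption: the number is SSL_get_error()'s
                # return value, so 5 means SSL_ERROR_SYSCALL, not a DH fault.
                bare = lib == 0 and func == 0
                findings.append({
                    "kind": "ssl_read_failed", "time": ts, "pid": pid,
                    "code": code, "reason_text": m.group(4),
                    "errno_text": m.group(5),
                    "ssl_get_error": SSL_GET_ERROR.get(code) if bare else None,
                })
    return findings


if __name__ == "__main__":
    for f in triage(SAMPLE_LOG):
        print(f)
```

A tunnel lifetime of 0 seconds next to an `ssl read failed` with errno text `Success` points at the TLS connection being dropped right after the HTTPS login succeeded, which matches the PIN being requested again on every attempt.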

Hi, I use the VPN not with Aruba but to connect to my company's internal network. I only followed (as I always have) the Forticlient configuration described on the Aruba site.
We do not have a certificate because to connect we use our domain username and password, and once "authenticated" with the credentials a PIN code is sent to the mobile phone, to be entered to establish the VPN connection.
No company configuration has been changed.
I think the problem is related to some issue with opening the tunnel on the client side (my laptop).
I have increased the verbosity of the logs, which I am attaching.

# more forticlientsslvpn.log


07/11/2017 15:16:01 [5144] set the loglevel to 3
07/11/2017 15:16:01 [5146] set the loglevel to 3
07/11/2017 15:16:01 [5146] sslvpn connection version:4.0.2281
07/11/2017 15:16:01 [5146] rcv cmd:0 at state[0]
07/11/2017 15:16:01 [5146] starting ssl vpn tunnel[4.0.2281]
gateway for 1.1.1.1:172.18.132.1 for 91.226.75.100:172.18.132.1
if has single route record for 1.1.1.1:0 for 91.226.75.100:0
07/11/2017 15:16:01 [5168] execl /opt/forticlientsslvpn/helper/get_fortisslvpn_info /opt/forticlientsslvpn/helper vpn.miasocieta.it 443
  ...
07/11/2017 15:16:01 [5168] trusted CA dir: /root/.fctsslvpn_trustca
07/11/2017 15:16:01 [5168] set loglevel to 3
07/11/2017 15:16:01 [5168] Peer's certificate is not valid. action is 1
07/11/2017 15:16:01 [5168] peer's certificate: 
        Version: 3 (0x2)$        Serial Number:$            07:2d:92:28:18:12:c8:73$    Signature Algorithm: sha256WithRSAEncryption$   
     Issuer: C=US, ST=Arizona, L=Scottsdale, O=GoDaddy.com, Inc., OU=http://certs.godaddy.com/repository/, CN=Go Daddy Secure Certificat
e Authority - G2$        Validity$            Not Before: Feb  6 17:51:40 2015 GMT$            Not After : Feb  6 17:51:40 2018 GMT$    
    Subject: OU=Domain Control Validated, CN=*.miasocieta.it$        Subject Public Key Info:$            Public Key Algorithm: rsaEncrypt
ion$                Public-Key: (2048 bit)$                Modulus:$                    00:c1:21:d7:19:ad:19:4c:59:a4:54:a1:6a:0e:a4:$  
                  a5:c2:2e:4b:11:28:df:59:c0:72:17:16:63:ef:29:$                    56:1f:74:eb:c9:23:90:3f:8c:aa:50:5d:ba:cd:ca:$      
              06:27:78:24:7d:f2:e3:1d:fc:52:8f:0b:c5:a2:65:$                    16:71:19:ec:53:d1:73:d4:c0:ac:42:4a:32:18:d8:$          
          d3:b5:32:11:94:9a:6d:3e:8f:71:72:7b:7a:44:a9:$                    59:41:f8:b2:2c:73:8f:e8:23:ea:3e:b6:ef:7b:bf:$              
      66:58:dd:27:64:8d:e7:d0:8c:8f:98:41:04:a3:5e:$                    30:a0:fb:7b:78:1f:3c:11:38:98:c1:73:a1:bf:96:$                  
  7d:33:8f:f8:a6:70:d1:18:8e:60:a7:07:26:39:59:$                    1c:f0:a4:b0:d7:22:22:f9:36:ad:80:94:26:b6:75:$                    48
:46:67:b7:85:0d:a7:88:71:4d:2f:7d:f3:30:38:$                    0e:72:41:44:e4:ab:a4:bd:e5:eb:36:0f:c7:d2:24:$                    24:6e:
cb:04:66:75:82:d6:6e:78:73:f7:f9:18:67:$                    31:1c:5b:d1:49:09:c2:c4:27:3a:64:6f:52:dd:7b:$                    c9:4c:78:5
3:ff:07:e4:e8:24:8b:a8:3d:bb:0b:9a:$                    66:e0:7b:e2:69:c1:60:b4:57:fb:c2:08:af:08:97:$                    a4:b3$        
        Exponent: 65537 (0x10001)$        X509v3 extensions:$            X509v3 Basic Constraints: critical$                CA:FALSE$   
         X509v3 Extended Key Usage: $                TLS Web Server Authentication, TLS Web Client Authentication$            X509v3 Key
 Usage: critical$                Digital Signature, Key Encipherment$            X509v3 CRL Distribution Points: $$                Full 
Name:$                  URI:http://crl.godaddy.com/gdig2s1-87.crl$$            X509v3 Certificate Policies: $                Policy: 2.1
6.840.1.114413.1.7.23.1$                  CPS: http://certificates.godaddy.com/repository/$$            Authority Information Access: $ 
               OCSP - URI:http://ocsp.godaddy.com/$                CA Issuers - URI:http://certificates.godaddy.com/repository/gdig2.crt
$$            X509v3 Authority Key Identifier: $                keyid:40:C2:BD:27:8E:CC:34:83:30:A2:33:D7:FB:6C:B3:F0:B4:2C:80:CE$$     
       X509v3 Subject Alternative Name: $                DNS:*.miasocieta.it, DNS:miasocieta.it$            X509v3 Subject Key Identifier: $
                F7:19:5C:E4:F5:43:30:79:25:9E:7A:49:97:1F:28:B7:BE:F9:83:56$    Signature Algorithm: sha256WithRSAEncryption$         62
:76:80:33:dd:ab:72:2b:51:90:1e:6e:d4:f5:fb:c5:36:2e:$         88:40:6a:ce:70:3f:52:bf:88:d8:51:62:30:13:b7:e1:cd:f9:$         0a:11:11:f
6:98:80:c2:43:21:ab:4a:06:0c:fd:66:24:57:be:$         2d:f0:dd:24:39:bf:8d:f4:90:69:d0:1f:1a:ea:ac:a9:0c:b7:$         c3:99:cd:e4:f3:a5:
50:58:7c:a7:7e:41:7d:cc:2c:2c:fa:3a:$         fd:60:c6:f7:4b:ac:37:3a:bc:9d:93:9a:da:3f:2d:76:f7:36:$         15:44:80:03:41:ff:dd:f8:1c
:cb:40:0b:48:5f:9e:28:7f:c9:$         d3:9d:51:80:c3:44:fb:1f:8c:f7:bb:75:8e:5f:47:7f:f2:d3:$         4f:67:7a:f7:18:d5:04:61:9a:c2:b2:7
8:77:57:63:f7:f4:6b:$         25:c1:1c:f3:7f:74:b8:9e:a4:c2:5c:df:07:2b:72:df:31:06:$         49:e1:10:d0:5c:49:69:fa:79:36:5f:bb:6a:7a:
ca:90:1f:1b:$         d8:d0:79:8c:cd:34:8f:bf:d4:5c:e4:18:77:3e:40:7d:4a:de:$         ee:ae:57:66:22:23:94:73:42:84:a4:d3:67:fe:92:e9:c5
:5d:$         6a:de:11:fb:11:33:3f:3f:0f:f7:37:ad:41:fd:78:79:a2:ab:$         a2:99:8c:3c$
07/11/2017 15:16:01 [5146] rcv from grab web:2|Certificate: [certificate text identical to the dump above]

07/11/2017 15:16:01 [5146] send GUI:Certificate: [certificate text identical to the dump above]

07/11/2017 15:16:03 [5146] receive input from GUI:1
07/11/2017 15:16:03 [5168] user accepted this invalid peer certificate: 1
07/11/2017 15:16:03 [5168] get login page
07/11/2017 15:16:03 [5168] GET[195]:
GET /remote/login HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: 


07/11/2017 15:16:03 [5168] get response
07/11/2017 15:16:03 [5168] no Content-Length
07/11/2017 15:16:03 [5168] RESPONSE[3385]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:03 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly
X-UA-Compatible: requiresActiveX=true
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<!DOCTYPE html>
<html lang="en" class="main-app">
    <head>
        <meta charset="UTF-8">
        <meta http-equiv="X-UA-Compatible" content="IE=8; IE=EDGE">
        <meta name="viewport" content="width=device-width, initial-scale=1">
        <link href="/css/main-blue.css" rel="stylesheet" type="text/css">
        <title>Please Login</title>
    </head>
    <body>
        <div class="view-container">
            <form class="prompt" action="/remote/logincheck" method="post" name="f" autocomplete="off">
                <div class="content with-header">
                    <div class="header">
                        <f-icon class="ftnt-fortinet-grid icon-xl"></f-icon>
                        <div>Please Login</div>
                    </div>
                    <div class="sub-content">
                        <div class="wide-inputs">
                            <!--remoteauthtimeout=5-->
<input type="text" name="username" id="username" placeholder="Name"><input type="password" name="credential" id="credential" placeholder
="Password" maxlength="128"><div class="info-message" id="token_msg" style="display: none;"><div class="message-content" id="token_label
"></div></div><input type="password" style="display: none;" maxlength="128" name="credential2" id="credential2"><input type="password" s
tyle="display: none;" maxlength="128" name="credential3" id="credential3"><input type="password" style="display: none;" maxlength="8" pl
aceholder="FortiToken" name="code" id="code"><div id="driftmsg" style="display: none;" class="warning-message">FortiToken clock drift de
tected. Please input the next code and continue.</div><input type="password" style="display: none;" maxlength="8" name="code2" id="code2
" placeholder="Next FortiToken Code">
                        </div>
                        <div class="button-actions wide">
                            <button class="primary" type="button" name="login_button" id="login_button" onClick="try_login()">
                                Login
                            </button>
                        </div>
                    </div>
                </div>
            </form>
        </div>
    </body>
    <input type=hidden name=just_logged_in value=1><input type=hidden name=magic id=magic_id value=""><input type=hidden name=reqid id=r
eqid_id value="0"><input type=hidden name=grpid id=grpid_id value=""><input type=hidden name=realm id=realm_id value=""><input type=hidd
en name=redir value="/sslvpn/portal.html"><script type="text/javascript" src="/sslvpn/js/login.js?q=6e1c56b9c6498fdb3bd25d2851b6d308"></
script><script type="text/javascript" src="/lang/en.js"></script><script>document.onkeydown = key_pressdown;function load_login_strings(
) {var tmp = document.getElementById("err_val");if (tmp) {tmp.innerHTML = fgt_lang"error"] + ": " + fgt_lang[tmp.getAttribute('title')]
;}}window.onload = load_login_strings;</script>
</html>


07/11/2017 15:16:03 [5168] try to get cookie for the first time: 98 :  SVPNNETWORKCOOKIE=; path=/remote/network; expires=Tue, 11-Jul-201
7 13:16:03 GMT; secure; httponly
07/11/2017 15:16:03 [5168] post to login
07/11/2017 15:16:03 [5168] POST [313]:
POST /remote/logincheck HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Content-Length: 101

username=mionome.miocognome&credential=miapwd&ajax=1&redir=%2Fremote%2Findex&just_logged_in=1
07/11/2017 15:16:03 [5168] get response
07/11/2017 15:16:03 [5168] no Content-Length
07/11/2017 15:16:03 [5168] RESPONSE[507]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:03 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/plain
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

ret=4,reqid=614335313,polid=1,grp=FullAccess Users,portal=full-access,tokeninfo=39XXXXXXXX73
07/11/2017 15:16:03 [5168] RESPONSE[507]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:03 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Tue, 11-Jul-2017 13:16:03 GMT; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/plain
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

ret=4,reqid=614335313,polid=1,grp=FullAccess Users,portal=full-access,tokeninfo=39XXXXXXXX73
07/11/2017 15:16:03 [5168] try rsa new pin page
07/11/2017 15:16:03 [5168] try forti-token page
07/11/2017 15:16:03 [5168] show user:A SMS message containing a Token Code will be sent to <4> in a moment.

07/11/2017 15:16:03 [5146] rcv from grab web:2|A SMS message containing a Token Code will be sent to <4> in a moment.

07/11/2017 15:16:03 [5146] send GUI:A SMS message containing a Token Code will be sent to <4> in a moment.

07/11/2017 15:16:18 [5146] receive input from GUI:999339
07/11/2017 15:16:18 [5168] get token code:999339
07/11/2017 15:16:18 [5168] post forti-token page
07/11/2017 15:16:18 [5168] POST [345]:
POST /remote/logincheck HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Content-Length: 133

username=mionome.miocognome&reqid=614335313&polid=1&grp=FullAccess%20Users&code=999339&code2=&redir=%2Fremote%2Findex&just_logged_in=1
07/11/2017 15:16:18 [5168] get response
07/11/2017 15:16:18 [5168] no Content-Length
07/11/2017 15:16:18 [5168] RESPONSE[642]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:18 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glw
mkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobO
m+sabD7; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<html><head>
<script language="javascript">
document.location=decodeURIComponent("/remote/index");
</script>
</head></html>

07/11/2017 15:16:18 [5168] RESPONSE[642]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:18 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glw
mkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobO
m+sabD7; path=/; secure; httponly
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<html><head>
<script language="javascript">
document.location=decodeURIComponent("/remote/index");
</script>
</head></html>

07/11/2017 15:16:18 [5168] cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoa
PCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2f
aMCFw6BWsrkgJW2mcsZRobOm+sabD7
07/11/2017 15:16:18 [5168] get /remote/index
07/11/2017 15:16:18 [5168] GET[462]:
GET /remote/index HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glwmkxY
sZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sa
bD7


07/11/2017 15:16:18 [5168] get response
07/11/2017 15:16:18 [5168] no Content-Length
07/11/2017 15:16:18 [5168] RESPONSE[1847]:
HTTP/1.1 403 Forbidden
Date: Tue, 11 Jul 2017 13:16:18 GMT
Server: xxxxxxxx-xxxxx
Transfer-Encoding: chunked
Content-Type: text/html
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<HTML>
<HEAD>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<META HTTP-EQUIV="Pragma" CONTENT="no-cache">
<link href="/style.css?q=6e1c56b9c6498fdb3bd25d2851b6d308" rel="stylesheet" type="text/css">
<script type='text/javascript' src='/lang/en.js'></script>
</head>
<body class="main">
<table class="container" cellpadding="0" cellspacing="0">
<tr>
<td><table class="dialog" width=300 align="center" cellpadding="0" cellspacing="0">
<tr>
<td><table class="header" cellpadding="0" cellspacing="0">
<tr>
<td id="err_title"></td>
</tr>
</table></td>
</tr>
<script>document.getElementById('err_title').innerHTML=fgt_lang'error'];</script>
<tr>
<td class="body" height=100><table class="body"><tr><td id='err_val' title='403' align="center">
<script>
var errval_elem=document.getElementById('err_val');
var errval=errval_elem.getAttribute('title').split(',');
var err_str = fgt_lang[errval[0]];
if (err_str == undefined) {
   errval_elem.innerHTML = "some unknown error!<br>";
} else {   if (errval.length == 2) {
       err_str = err_str.replace("%d", errval[1]);
   }
   errval_elem.innerHTML = err_str;
}
</script></td></tr></table></td>
</tr>
<tr><td>
<table class="footer" cellpadding="0" cellspacing="0">
<tr><td>
<input id="ok_button" type="button" value="" onclick="chkbrowser()" style="width:80px">
</td></tr>
</table>
</td></tr>
</table>
</body>
<script language = "javascript">
document.getElementById('ok_button').value=fgt_lang'ok'];
function chkbrowser() {
if (window.location.pathname == "/remote/login")
window.location.reload();
else
window.location.href = "/remote/login";}
</script>
</html>

07/11/2017 15:16:18 [5168] get /remote/fortisslvpn
07/11/2017 15:16:18 [5168] GET[468]:
GET /remote/fortisslvpn HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glwmkxY
sZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sa
bD7


07/11/2017 15:16:18 [5168] get response
07/11/2017 15:16:18 [5168] no Content-Length
07/11/2017 15:16:18 [5168] RESPONSE[4139]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:18 GMT
Server: xxxxxxxx-xxxxx
Transfer-Encoding: chunked
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<HTML>

<HEAD>

<META http-equiv="Content-Type" content="text/html; charset=UTF-8">
<META http-equiv="Pragma" content="no-cache">
<META http-equiv="cache-control" content="no-cache">
<META http-equiv="cache-control" content="must-revalidate">
<link href="/sslvpn/css/sslvpn.css" rel="stylesheet" type="text/css">
<script type='text/javascript' src='/lang/en.js'></script>
<script language="JavaScript"> 
function load_fortisslvpn_strings() {
   document.getElementById('vb_connect').value = fgt_lang'sslvpn_wtunnel_connect'];
   document.getElementById('sslvpn_wtunnel_disconnect').value = fgt_lang'sslvpn_wtunnel_disconnect'];
   document.getElementById('sslvpn_wtunnel_refresh').value = fgt_lang'sslvpn_wtunnel_refresh'];
   document.getElementById('sslvpn_wtunnel_link_status').innerHTML = fgt_lang'sslvpn_wtunnel_link_status']  + ":";
   document.getElementById('sslvpn_wtunnel_bytes_tx').innerHTML = fgt_lang'sslvpn_wtunnel_bytes_tx'] + ":";
   document.getElementById('sslvpn_wtunnel_bytes_rx').innerHTML = fgt_lang'sslvpn_wtunnel_bytes_rx'] + ":";
   document.getElementById('sslvpn_wtunnel_collecting').value = fgt_lang'sslvpn_wtunnel_collecting'];
} 
</script> 

<TITLE>Fortinet SSL-VPN Client Version 1.0</TITLE>

<!-- SSL-VPN protocol version:
embed.FGTversion = 1;
fortisslvpn.FGTversion = 1
-->

</HEAD>
<BODY class=main>
<form name="fortisslvpn">
<input type="hidden" NAME="text6" VALUE="172.18.0.0/255.255.128.0,172.18.200.0/255.255.255.224,172.18.200.32/255.255.255.224,172.24.0.0/
255.255.0.0,172.30.32.0/255.255.255.0">
<input type="hidden" NAME="text3" value="vpn.miasocieta.it:443">
<input type="hidden" NAME="text7" value="0">
<div class="widget_content"><br style="display: none;"><style>input.readonly { border:0px; }</style><div><input id='vb_connect' LANGUAGE
="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit3">
<input id='sslvpn_wtunnel_disconnect' LANGUAGE="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit4">
<input id='sslvpn_wtunnel_refresh' LANGUAGE="JavaScript" TYPE=button  VALUE=""  DISABLED=true NAME="submit5"></td>
</div><div><table><tbody><tr><td id='sslvpn_wtunnel_link_status'></td><td><input id="sslvpn_tunnel_status_value" type="text" size="20" n
ame="text1" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_tx'></td><td><input TYPE="text" size="20" name="text4" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_rx'></td><td><input TYPE="text" size="20" name="text5" class="readonly" readonly="true"></td>
</td></tr></tbody></table></div><hr style="background-color: gray;"><div><input id='sslvpn_wtunnel_collecting' type="text" name="text11"
 class="readonly" readonly="true" value="" style="width: 100%"></div></div></form><script language="Javascript">
function js_get_cookie(c_name) {var cookie_str='a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtx
oaPCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ
2faMCFw6BWsrkgJW2mcsZRobOm+sabD7';if (document.cookie.length>0) {c_start = document.cookie.indexOf(c_name + "=");if (c_start != -1) {c_s
tart = c_start + c_name.length + 1;c_end = document.cookie.indexOf(";", c_start);if (c_end == -1) c_end = document.cookie.length;cookie_
str=document.cookie.substring(c_start, c_end);}}return cookie_str;}
function js_get_host_address() {var port;if (document.location.port == "") {port=443;if (document.location.protocol == "http") {port=80;
}} else {port = document.location.port;}if (document.location.hostname.indexOf(':') >= 0) {return ''+document.location.hostname+']:' + 
port+'?'+js_get_cookie('SVPNCOOKIE');} else {return document.location.hostname + ':' + port + '?' + js_get_cookie('SVPNCOOKIE');}}
</script>
</body>
<script language="JavaScript"> 
location.href = "/registryml.html";
</script>
</HTML>

07/11/2017 15:16:18 [5168] 0|vpn.miasocieta.it|443|1|172.18.0.0/255.255.128.0,172.18.200.0/255.255.255.224,172.18.200.32/255.255.255.22
4,172.24.0.0/255.255.0.0,172.30.32.0/255.255.255.0|a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDI
GtxoaPCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1
YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sabD7|0
07/11/2017 15:16:18 [5146] rcv from grab web:0|vpn.miasocieta.it|443|1|172.18.0.0/255.255.128.0,172.18.200.0/255.255.255.224,172.18.200
.32/255.255.255.224,172.24.0.0/255.255.0.0,172.30.32.0/255.255.255.0|a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZM
TZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFn
tmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sabD7|0

07/11/2017 15:16:18 [5146] ssl vpn tunnel started
07/11/2017 15:16:18 [5146] rcv cmd:0 at state[1]
07/11/2017 15:16:18 [5171] server=vpn.miasocieta.it[vpn.miasocieta.it] port=443[443] version=1 tunnel=172.18.0.0/255.255.128.0,172.18.
200.0/255.255.255.224,172.18.200.32/255.255.255.224,172.24.0.0/255.255.0.0,172.30.32.0/255.255.255.0 cookie=a/xfIp42CjiVhJsMTzfxGgN7vrhC
a4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+lt
INBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sabD7 exclusive routing: 0

07/11/2017 15:16:18 [5171] starting pppd
07/11/2017 15:16:18 [5171] use tty:/dev/pts/4
07/11/2017 15:16:18 [5171] connecting to vpn.miasocieta.it:443
07/11/2017 15:16:18 [5171] begin io loop
07/11/2017 15:16:18 [5171] launch ssl read thread
07/11/2017 15:16:18 [5171] launch tty read thread
07/11/2017 15:16:18 [5171] ssl read thread started
07/11/2017 15:16:18 [5171] tty read thread started
07/11/2017 15:16:18 [5171] tty write thread started
07/11/2017 15:16:18 [5171] ssl write thread started
07/11/2017 15:16:18 [5171] ssl read failed[error:00000005:lib(0):func(0):DH lib]:[Success]
07/11/2017 15:16:18 [5146] rcv cmd:1 at state[1]
07/11/2017 15:16:18 [5146] stopping ssl vpn tunnel[v4.0.2281]
07/11/2017 15:16:18 [5146] kill_child:5171
07/11/2017 15:16:18 [5146] kill_child:5168
07/11/2017 15:16:18 [5171] killing pppd ...
07/11/2017 15:16:18 [5168] signal rcved, logout now
07/11/2017 15:16:18 [5168] GET[463]:
GET /remote/logout HTTP/1.1
Host: vpn.miasocieta.it:443
User-Agent: Mozilla/5.0 SV1
Accept: text/plain
Accept-Encoding: identify
Content-Type: application/x-www-form-urlencoded
Cookie: SVPNCOOKIE=a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtxoaPCbL5iJSKKmSPWXNS5z9glwmkxY
sZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ2faMCFw6BWsrkgJW2mcsZRobOm+sa
bD7


07/11/2017 15:16:18 [5168] get response
07/11/2017 15:16:18 [5171] kill_child:5174
07/11/2017 15:16:18 [5146] tunnel terminated
begin cleanup linux...
restore /etc/resolv.conf
clean up route...
truncate pppd.log
07/11/2017 15:16:18 [5168] RESPONSE[1065]:
HTTP/1.1 200 OK
Date: Tue, 11 Jul 2017 13:16:18 GMT
Server: xxxxxxxx-xxxxx
Set-Cookie:  SVPNCOOKIE=; path=/; expires=Tue, 11-Jul-2017 13:16:18 GMT; secure; httponly;
Set-Cookie: SVPNNETWORKCOOKIE=; path=/remote/network; expires=Tue, 11-Jul-2017 13:16:18 GMT; secure; httponly
Content-Length: 643
Content-Type: text/html; charset=utf-8
X-Frame-Options: SAMEORIGIN
Content-Security-Policy: frame-ancestors 'self'

<html><head><script>function fgt_clear_cookies() {var cookies = document.cookie.split(';');var domain = document.domain.split('.');var n
ew_date='; expires=Thu, 21 Sep 1979 00:00:01 UTC';if (domain.length > 1) {domain.shift();}for (var i = 0; i < cookies.length; i++) {var 
spcook =  cookies*.split('=');document.cookie = spcook[0] + '=; path=/' + new_date;document.cookie = spcook[0] + '=; domain=.' + domai
n.join('.') + '; path=/' + new_date;document.cookie = spcook[0] + '=; domain=' + domain.join('.') + '; path=/' + new_date;}window.locati
on.href ='/remote/login';}</script></head><body><script>fgt_clear_cookies();</script></body></html>:";
   document.getElementById('sslvpn_wtunnel_bytes_tx').innerHTML = fgt_lang'sslvpn_wtunnel_bytes_tx'] + ":";
   document.getElementById('sslvpn_wtunnel_bytes_rx').innerHTML = fgt_lang'sslvpn_wtunnel_bytes_rx'] + ":";
   document.getElementById('sslvpn_wtunnel_collecting').value = fgt_lang'sslvpn_wtunnel_collecting'];
} 
</script> 

<TITLE>Fortinet SSL-VPN Client Version 1.0</TITLE>

<!-- SSL-VPN protocol version:
embed.FGTversion = 1;
fortisslvpn.FGTversion = 1
-->

</HEAD>
<BODY class=main>
<form name="fortisslvpn">
<input type="hidden" NAME="text6" VALUE="172.18.0.0/255.255.128.0,172.18.200.0/255.255.255.224,172.18.200.32/255.255.255.224,172.24.0.0/
255.255.0.0,172.30.32.0/255.255.255.0">
<input type="hidden" NAME="text3" value="vpn.miasocieta.it:443">
<input type="hidden" NAME="text7" value="0">
<div class="widget_content"><br style="display: none;"><style>input.readonly { border:0px; }</style><div><input id='vb_connect' LANGUAGE
="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit3">
<input id='sslvpn_wtunnel_disconnect' LANGUAGE="JavaScript" TYPE=button  VALUE="" DISABLED=true NAME="submit4">
<input id='sslvpn_wtunnel_refresh' LANGUAGE="JavaScript" TYPE=button  VALUE=""  DISABLED=true NAME="submit5"></td>
</div><div><table><tbody><tr><td id='sslvpn_wtunnel_link_status'></td><td><input id="sslvpn_tunnel_status_value" type="text" size="20" n
ame="text1" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_tx'></td><td><input TYPE="text" size="20" name="text4" class="readonly" readonly="true"></td>
</td></tr><tr><td id='sslvpn_wtunnel_bytes_rx'></td><td><input TYPE="text" size="20" name="text5" class="readonly" readonly="true"></td>
</td></tr></tbody></table></div><hr style="background-color: gray;"><div><input id='sslvpn_wtunnel_collecting' type="text" name="text11"
 class="readonly" readonly="true" value="" style="width: 100%"></div></div></form><script language="Javascript">
function js_get_cookie(c_name) {var cookie_str='a/xfIp42CjiVhJsMTzfxGgN7vrhCa4kB0f8sN9PMejcyiYku7/T4dEEp/P7/nJPbWZMTZ5ymn6T3343N2pLDIGtx
oaPCbL5iJSKKmSPWXNS5z9glwmkxYsZm9pG/fudVZew//4GTjyWBMaJ8sna47GtaNjx5ZC0ui+ltINBb52ltVx12ZOrpg0OJ5RkIZxLWzLVQC9ypFFntmP26/2zdNF5TJyLj1YrZ
2faMCFw6BWsrkgJW2mcsZRobOm+sabD7';if (document.cookie.length>0) {c_start = document.cookie.indexOf(c_name + "=");if (c_start != -1) {c_s
tart = c_start + c_name.length + 1;c_end = document.cookie.indexOf(";", c_start);if (c_end == -1) c_end = document.cookie.length;cookie_
str=document.cookie.substring(c_start, c_end);}}return cookie_str;}
function js_get_host_address() {var port;if (document.location.port == "") {port=443;if (document.location.protocol == "http") {port=80;
}} else {port = document.location.port;}if (document.location.hostname.indexOf(':') >= 0) {return ''+document.location.hostname+']:' + 
port+'?'+js_get_cookie('SVPNCOOKIE');} else {return document.location.hostname + ':' + port + '?' + js_get_cookie('SVPNCOOKIE');}}
</script>
</body>
<script language="JavaScript"> 
location.href = "/registryml.html";
</script>
</HTML>

truncate forticlientsslvpn.log
07/11/2017 15:16:18 [5146] ssl vpn tunnel stopped
07/11/2017 15:16:18 [5146] rcv cmd:2 at state[0]

Even when I download an earlier version of Forticlient, the behavior and the message are identical

  • forticlientsslvpn_linux_4.0.2254.tar.gz
  • forticlientsslvpn_linux_4-0-2281-tar.gz

You are connecting to an untrusted server. which could put your confidential information at risk. Would you like to connect to this server? (Y/N) Y
A SMS message containing a Token Code will be sent to <4> in a moment.
474708
STATUS::Login succeed
STATUS::Starting PPPd
STATUS::Initializing tunnel
STATUS::Connecting to server
STATUS::Connected
Press Ctrl-C to quit
SSLVPN down unexpectedly with error:6
SSLVPN down unexpectedly with error:6
STATUS::Tunnel running
STATUS::Stopping tunnel
STATUS::Tunnel closed

07/11/2017 15:16:18 [5171] ssl read failed[error:00000005:lib(0):func(0):DH lib]:[Success]

The problem does not seem to be at the authentication level, but in the SSL communication to vpn.miasocieta.it:443. Perhaps miasocieta.it, precisely because it has never updated/improved its configuration, is trying to establish a communication that is no longer considered secure.
Since I see a DH in the offending line, I suspect it may be something like https://weakdh.org/

You are not the only one having this problem with forticlient: https://forum.fortinet.com/tm.aspx?m=103415

This part comes from OpenSSL itself, which is complaining about something:

https://forum.fortinet.com/tm.aspx?m=103415

Server DH parameters invalid, or no longer considered secure on the client side?
One could also try to make the client use a different set of encryption algorithms.
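Added example (not part of the thread and not FortiClient code): a small Python triage of the `ssl read failed[...]` line discussed above. It splits the packed OpenSSL 1.x error code into library, function and reason fields; a code with library 0 and function 0 whose value is 1 to 8 also matches an `SSL_get_error()` result such as `SSL_ERROR_SYSCALL` (5), so the `DH lib` text alone does not establish a Diffie-Hellman failure. That the client builds its message with `ERR_error_string()` is an assumption, and the second sample line is constructed for contrast.

```python
import re

# SSL_get_error() return values as defined in <openssl/ssl.h>.
SSL_GET_ERROR = {
    1: "SSL_ERROR_SSL", 2: "SSL_ERROR_WANT_READ", 3: "SSL_ERROR_WANT_WRITE",
    4: "SSL_ERROR_WANT_X509_LOOKUP", 5: "SSL_ERROR_SYSCALL",
    6: "SSL_ERROR_ZERO_RETURN", 7: "SSL_ERROR_WANT_CONNECT",
    8: "SSL_ERROR_WANT_ACCEPT",
}

# Matches the client's "ssl read/write failed[error:...]:[errno text]" lines.
LINE = re.compile(
    r"\[(?P<pid>\d+)\] ssl (?P<op>read|write) failed"
    r"\[error:(?P<code>[0-9A-Fa-f]{8}):(?P<lib>[^:]*):(?P<func>[^:]*):"
    r"(?P<reason>[^\]]*)\]:\[(?P<errno>[^\]]*)\]"
)

def unpack(code):
    """OpenSSL 1.x layout: lib (8 bits) | func (12 bits) | reason (12 bits)."""
    return (code >> 24) & 0xFF, (code >> 12) & 0xFFF, code & 0xFFF

def triage(log_text):
    findings = []
    for line in log_text.splitlines():
        m = LINE.search(line)
        if not m:
            continue
        lib, func, reason = unpack(int(m["code"], 16))
        hint = None
        # No library and no function recorded: the number may be an
        # SSL_get_error() result rather than an error-queue entry.
        if lib == 0 and func == 0 and reason in SSL_GET_ERROR:
            hint = SSL_GET_ERROR[reason]
        findings.append({"pid": int(m["pid"]), "op": m["op"], "lib": lib,
                         "func": func, "reason": reason,
                         "text": m["reason"], "errno": m["errno"],
                         "hint": hint})
    return findings

# First line is from the posted log; the second is constructed to show how
# a queued DH error looks (library 20 is the SSL library).
SAMPLE = """\
07/11/2017 15:16:18 [5171] ssl read failed[error:00000005:lib(0):func(0):DH lib]:[Success]
07/11/2017 15:16:19 [9999] ssl read failed[error:14082174:SSL routines:SSL3_CHECK_CERT_AND_ALGORITHM:dh key too small]:[Success]
"""

if __name__ == "__main__":
    for finding in triage(SAMPLE):
        print(finding)
```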

Solved :yeah:
It is a problem with the version of the Linux Forticlient! I found a Spanish site that reported the same problem as mine, and it said that it was a version problem where the “only” working one seems to be forticlientsslvpn_4.4.2327/64bit. Indeed, only with this version is the connection established and does it work correctly.

Thanks frafra

Great!
Add "[Risolto] " to the beginning of this discussion's title, thanks.