forticlient vpn credential or ssl vpn configuration is wrong (-7200)

Posted in :

大約一個月左右, 會遇到一次, 重設是沒什麼效果, 每次都是透過刪除即有的設定檔, 重新建立一組新的連線, 就可以了.

刪除即有的設定檔, 在登入帳號時, 第一個下拉框旁邊有一個三條線的小圖示, 選”刪除選定連接”, 就可以了.

Windows 提示我要重開機, 用以套用新的設定值, 我重開後, FortiClient 就連不上VPN, 顯示錯誤訊:

credential or SSLVPN configuration is wrong (-7200)


執行 inetcpl.cpl

點”進階” – “重設” – “重設”



In all my instances of this issue, I also found out I could check this issue by opening the SSL VPN URL with Internet Explorer. Every time I could not connect to the SSL VPN in Web Mode from Internet Explorer (it displays “This page can’t be displayed”), FortiClient was also failing just like the OP describes. (The Web Mode was working just fine on Chrome or Firefox.) The opposite was also true: when IE logged into the Web Mode, FCT was working.

(Of course Web Mode must be enabled for the relevant SSL-VPN Portal for this test to make sense.)

I also found this issue on a server with Trusted Sites locked by Group Policy – so I couldn’t add a new entry. In the end I was able to solve the issue by resetting Internet Options:

(also see attached image)

  • run Internet Options (inetcpl.cpl)
  • select the “Advanced” tab
  • Click on the “Reset…” button
  • flag “Delete personal settings” (I did that – don’t know if it is needed)
  • Click “Reset”

Summing it up, it is clear that something inside Internet Options is the culprit, but I wasn’t able to pinpoint what exactly.

Fortinet support says that FortiClient is designed to take settings from Internet Options. At this point I’d like to know exactly what parameters are in use (I guess I can’t ask support because I don’t have a valid FortiClient support contract at the moment).

To anyone having this issue, I’d still recommend trying to add the SSL VPN URL to the Trusted Sites before resetting.


發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *