Skip to main content

SSL VPN: Configuring and Using Forticlient on Ubuntu, creating a Launcher

  1. Is your primary OS at home Linux and do you use Windows only to connect to your work PC over VPN or to attend meetings? 
  2. Do you often wish to connect to your work VPN from a Linux PC? 
If your answer is 'Yes' to the above questions, I have an answer if your workplace uses Fortinet SSL VPN. Note that it's possible to connect to Fortinet and other VPNs like Cisco VPN from Linux through the inbuilt network manager by installing additional tools but this post would focus on using the standard Forticlient for accessing the resources on your work network.

Obtaining Forticlient

The most important thing to note w.r.t. using Forticlient for Ubuntu (or any Linux distro) is to note that the client is not publicly available for download from the official website. You will have to ask your IT department to download the client for you, in case they haven't provided it.

Here is the Fortinet KB which explains the location from where the file can be downloaded.


Using Forticlient

Files Extraction

Once you have the file (the name would be forticlientsslvpn_linux_<version>.tar.gz), extract it to the location of your choice on your Linux PC (I'm on Ubuntu 16.04 LTS).

1
tar xvzf forticlientsslvpn_linux_<version>.tar.gz

Launching

You can launch the Forticlient using the terminal after navigating to the path. You need to launch the script as superuser only the first time you run it.

1
2
cd forticlientsslvpn/
sudo ./fortisslvpn.sh

Accept the license agreement and you will have the client running immediately after that -


Enter the details provided by your administrator in terms of the URL, port number etc. and click connect to establish the connection. If you don't use a certificate you can leave the fields blank. A warning dialog to this effect would be shown while connecting on which you can click 'Continue'.


To avoid entering details every time, you can save the connection details which will persist between sessions. Click 'Settings' for this -


Connecting to the remote computer 

Now once Forticlient shows Tunnel Running, you are all set to connect to your work PC. Use Ubuntu's Remmina Remote Desktop Client.


Click on 'New' and save your machines details. You can select various color depth values; quality, sound (in Advanced tab) to improve your connection experience.

Once done, click 'Connect'.

Creating a Unity Launcher

One wouldn't want to navigate to the fortisslvpn folder every time to launch this client application. Therefore, let's create a launcher, a .desktop file to launch the application.

Prior to that, let's move the fortisslvpn folder (which is likely to be residing in your home or Downloads folder to /usr/local).

Assuming that the forticlientsslvpn folder is inside Downloads,

1
2
cd Downloads
sudo mv forticlientsslvpn /usr/local/

Create a .desktop file which will act as a launcher with the following content.

gedit ~/.local/share/applications/Fortinet.desktop

Fortinet.desktop's content

[Desktop Entry]
Version=1.0
Name=Fortinet
Exec=/usr/local/forticlientsslvpn/fortisslvpn.sh
Path=/usr/local/forticlientsslvpn
Icon=forticlientsslvpn.png
Terminal=false
Type=Application
Categories=Utility;Application;Development;

You can pin the launcher to Unity Launcher if necessary.


Comments

Post a Comment

Popular posts from this blog

Resolving INS-20802: Oracle Net Configuration Assistant failed error on Windows 10

I was all excited about the migration to Windows 10 until I had to install Oracle client 12.1.0.2 on it. The Oracle client installation used to fail miserably at the last stage with this error named INS-20802.


Nginx - Solution for 10060: A connection attempt failed because the connected party did not properly respond

I was in the process of setting up Nginx to serve as the reverse proxy for Nexus Repository Manager OSS. However, the Nexus repository started loading really slowly post this and used to repeatedly display disconnected and reconnected messages. The Nginx log file used to log the below error -

<timestamp> [error] 3240#3632: *1 upstream timed out (10060: A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond) while connecting to upstream, client: <ip address="">, server: <fqdn>, request: "GET /nexus HTTP/1.1", upstream: "http://[::1]:8081/nexus", host: "<fqdn>"