mister2x
New Member
November 27, 2006
Question

FortiClient ipsec.exe

  • 4 replies
  • 7336 views
Hello, I am currently working on realising the following scenario. By executing a script/program, the following should be done (things in brackets are already accomplished):

(- enable forticlient virtual adapter)
(- establish a vpn connection silently)
- run a program (rdp-conn)
- if vpn tunnel breaks re-establish the tunnel
- act on error conditions
(- if the program exits kill the vpn connection)
(- disable forticlient virtual adapter)

Enabling / disabling the adapter is no problem (so the user does not always see the "cable unplugged" balloon message). Establishing a connection is also OK (although I would prefer this in a "silent mode", e.g. no pop-up window).

Do you have any suggestions on how to accomplish the following:

- check if the vpn tunnel has been established correctly (I use the ipsec.exe -b -k switches). I know I could ping the target server by script, but this takes way too long as the user is waiting for the program to start. I'd prefer direct return values (exit codes) from ipsec.exe
- re-establish the vpn tunnel if it gets broken
- get errors from ipsec.exe (e.g. smartcard missing, host not responding, etc.)

Is there any help file including all parameters for ipsec.exe?

Thanks in advance!
Christian


    vanc
    New Member
    November 28, 2006
    Maybe you can use this trick:

    ipsec.exe diag tunnel

    If there is a live tunnel, it will dump the parameters. If no tunnel is available, it dumps nothing. You can check the dump every couple of seconds.
    mister2x
    New Member
    November 29, 2006
    Thank you. Is there any further help to the ipsec.exe tool available? (command line switches, return codes and so on)
    vanc
    New Member
    November 29, 2006
    As the command line switch method is not officially supported, there is no document about that. Can only get the secrets from the development team.
    TheTech
    New Member
    January 11, 2019

    Sorry for the late answer (13 years!...)

    @echo off

    rem Work from the FortiClient install directory so ipsec.exe is found
    cd "c:\Program Files\Fortinet\FortiClient"

    :repeat
    echo Launching FortiClient IPSEC....
    ipsec -b -k switches
    if %errorlevel% gtr 0 goto error

    :CheckConnection
    rem Loop until a single ping to the target host succeeds
    ping -n 1 hostname
    if %errorlevel% gtr 0 goto CheckConnection

    echo Connected!
    echo Launching hostname RDP...
    start mstsc xxxxxx.RDP
    exit

    :error
    echo Error! %errorlevel% Trying again...
    goto repeat


    You can also use -w timeout to give the single ping enough time to complete.

    GusTech
    New Member
    January 11, 2019

    mister2x wrote:
    (- if the program exits kill the vpn connection) (- disable forticlient virtual adapter)
    If program exist you can use tasklist.exe

    Taskkill.exe to kill
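
An added example (not written by any poster in this thread) that combines the two suggestions above: it polls `ipsec.exe diag tunnel` instead of pinging, and bounds the retries so the script cannot loop forever. It assumes that `ipsec.exe -b -k` returns after starting the tunnel and that `diag tunnel` prints nothing when no tunnel is up, as described in the replies; the RDP file path and the retry counts are placeholders.

```bat
@echo off
setlocal
rem Added example, not from the thread. Paths and limits below are placeholders.
set "FC_DIR=C:\Program Files\Fortinet\FortiClient"
set "RDP_FILE=C:\path\to\session.rdp"
set MAX_TRIES=5
set POLLS_PER_TRY=10

cd /d "%FC_DIR%" || (echo FortiClient directory not found & exit /b 2)

set TRIES=0
:connect
rem Bounded retry: stop with a non-zero exit code instead of looping forever
set /a TRIES+=1
if %TRIES% gtr %MAX_TRIES% (echo Giving up after %MAX_TRIES% attempts & exit /b 1)
echo Starting tunnel, attempt %TRIES% of %MAX_TRIES%...
rem Assumption: this call returns once the tunnel start has been requested
ipsec.exe -b -k
set POLLS=0

:poll
rem Check roughly once per second whether a tunnel is reported
call :tunnel_up && goto connected
set /a POLLS+=1
if %POLLS% geq %POLLS_PER_TRY% goto connect
timeout /t 1 /nobreak >nul
goto poll

:connected
echo Tunnel is up, launching RDP...
rem /wait blocks until mstsc exits, so cleanup steps can follow this line
start "" /wait mstsc "%RDP_FILE%"
echo RDP session closed.
exit /b 0

:tunnel_up
rem Assumption (from the reply above): output is empty when no tunnel exists.
rem findstr "." matches any non-empty line, so errorlevel 0 means "tunnel up".
ipsec.exe diag tunnel 2>nul | findstr /r "." >nul
exit /b %errorlevel%
```

Because the command-line switches are undocumented, the script does not rely on exit codes from `ipsec.exe` itself, only on whether `diag tunnel` produces output.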