SSl VPN

Forum|Forum|13 years ago
April 23, 2013
4 replies
17647 views

Does anyone know how to customize the FortiClient SSL VPN (4.3.5.472). I want to package it up so that is already has the remote gateway, port , etc. I' ve only found the config for IPSEC. I need it for SSL. Any suggestions?

rwpatterson

New Member

Welcome to the forums. When using the Fortinet SSL VPN client, the entries are stored in the registry for SSL VPN. Copy the below into a text editor (notepad works very well for this), and change the text in red to suit your needs. When you are done, give it a ' .reg' extension, and right click > merge (or double click) it:

  Windows Registry Editor Version 5.00    [HKEY_CURRENT_USER\Software\Fortinet]    [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient]  " ServerAddress" =" "   " Installed" =dword:00000001  " ServerPort" =" "   " KeepConnectionAlive" =" "   " DATA0" =" "   " DATA1" =" "   " DATA2" =" "   " DATA3" =" "   " DATA4" =" "   " DATA5" =" "   " DATA6" =" "   " DATA7" =" "   " DATA8" =" "   " DATA9" =" "   " ConnectionName" =" MyServer"     [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient\Tunnels]    [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient\Tunnels\company]  " Server" =" secure.myserver.com(:port)"   " DATA1" =" "   " DATA2" =" "   " Description" =" Tunnel to my server"   " DATA3" =" "   " ServerCert" =" 1"

Once you have created the .reg file, it can be executed from a batch file as you can also do with the SSL VPN client install. I have them chained where the SSL client first installs, then the .reg file is run afterward. Works well. Hope that helps

Newbie77Author

New Member

Thanks for the reply. When you say you have them " chained" how did you do that? Did you create batch file within you GPO? I should have mentioned before that I' m creating this to be push by GPO.

rwpatterson

New Member

I created a stand alone batch file that I give to the end users to load on their remote desktops. I guess it could work if pushed by GPO, but we don' t force our home users to have AD authentication.

I' ll provide a copy of the install file. (I removed my company' s name from the script. Should still work, but the directory will be just SSL VPN.

 REM installer for SSL VPN written by Bob Patterson 03/21/2013    @ECHO off  CLS    SET SSLdir=%CD%  IF NOT EXIST " %SSLdir%\uninstall.bat"  GOTO NoCopy  IF EXIST c:\Windows\SysWOW64 GOTO Win7  IF EXIST c:\Windows\System32 GOTO Windows  IF EXIST c:\WINNT\System32 GOTO WINNT  @ECHO Cannot locate your version of Windows  PAUSE  GOTO End    :Windows  @ECHO Windows 98/XP based machine found.  @ECHO:  CD C:\Windows\System32  GOTO Copy    :WINNT  @ECHO Windows NT based machine found.  @ECHO:  CD C:\WINNT\System32  GOTO Copy    :Win7  @ECHO Windows 64 bit based machine found.  @ECHO:  CD c:\Windows\SysWOW64  GOTO Copy    :Copy  REM Program Files copy  REM 64 bit Windows copying  IF EXIST " %ProgramFiles(x86)%"  (      @ECHO Copying files to " %ProgramFiles(x86)%\SSL VPN\"       IF NOT EXIST " %ProgramFiles(x86)%\SSL VPN\"      MKDIR " %ProgramFiles(x86)%\SSL VPN\"       COPY " %SSLdir%\add registry entries.reg"               " %ProgramFiles(x86)%\SSL VPN\add registry entries.reg"       COPY " %SSLdir%\clear registry entries.reg"             " %ProgramFiles(x86)%\SSL VPN\clear registry entries.reg"       COPY " %SSLdir%\clear Fortinet registry entries.reg"    " %ProgramFiles(x86)%\SSL VPN\clear Fortinet registry entries.reg"       COPY " %SSLdir%\SSL VPN connect_x64.lnk"                " %ProgramFiles(x86)%\SSL VPN\SSL VPN connect_x64.lnk"       COPY " %SSLdir%\SSL VPN disconnect_x64.lnk"             " %ProgramFiles(x86)%\SSL VPN\SSL VPN disconnect_x64.lnk"       COPY " %SSLdir%\uninstall.bat"                          " %ProgramFiles(x86)%\SSL VPN\uninstall.bat"       IF NOT EXIST " %ProgramFiles(x86)%\SSL VPN\Windows"  MKDIR " %ProgramFiles(x86)%\SSL VPN\Windows"       COPY " %SSLdir%\Windows_x64\"                           " %ProgramFiles(x86)%\SSL VPN\Windows\"       @ECHO:  REM Start Menu install      IF NOT EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"  MKDIR " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"       @ECHO Creating start menu icons      IF EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\"  (          COPY " %SSLdir%\SSL VPN connect_x64.lnk"              " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN connect.lnk"           COPY " %SSLdir%\SSL VPN disconnect_x64.lnk"           " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN disconnect.lnk"           COPY " %SSLdir%\add registry entries.reg"             " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\add registry entries.reg" "           COPY " %SSLdir%\clear registry entries.reg"           " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear registry entries.reg" "           COPY " %SSLdir%\clear Fortinet registry entries.reg"  " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear Fortinet registry entries.reg" "           COPY " %SSLdir%\uninstall.bat"                        " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\uninstall.bat"       )      @ECHO:  REM Desktop install      @ECHO Creating desktop icons          COPY " %SSLdir%\SSL VPN connect_x64.lnk"          " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN connect.lnk"           COPY " %SSLdir%\SSL VPN disconnect_x64.lnk"       " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN disconnect.lnk"       @ECHO:      GOTO Display  )    REM 32 bit Windows copying  IF EXIST " %ProgramFiles%"  (      @ECHO Copying files to " %ProgramFiles%\SSL VPN\"       IF NOT EXIST " %ProgramFiles%\SSL VPN\"         MKDIR " %ProgramFiles%\SSL VPN\"       COPY " %SSLdir%\add registry entries.reg"             " %ProgramFiles%\SSL VPN\add registry entries.reg"       COPY " %SSLdir%\clear registry entries.reg"           " %ProgramFiles%\SSL VPN\clear registry entries.reg"       COPY " %SSLdir%\clear Fortinet registry entries.reg"  " %ProgramFiles%\SSL VPN\clear Fortinet registry entries.reg"       COPY " %SSLdir%\SSL VPN connect_x86.lnk"              " %ProgramFiles%\SSL VPN\SSL VPN connect.lnk"       COPY " %SSLdir%\SSL VPN disconnect_x86.lnk"           " %ProgramFiles%\SSL VPN\SSL VPN disconnect.lnk"       COPY " %SSLdir%\uninstall.bat"                        " %ProgramFiles%\SSL VPN\uninstall.bat"       IF NOT EXIST " %ProgramFiles%\SSL VPN\Windows"  MKDIR " %ProgramFiles%\SSL VPN\Windows\"       COPY " %SSLdir%\Windows_x86\*.*"                      " %ProgramFiles%\SSL VPN\Windows\*.*"       @ECHO:  REM Start Menu install      IF NOT EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"  MKDIR " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"       @ECHO:Creating start menu icons      IF EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\"  (          COPY " %SSLdir%\SSL VPN connect_x86.lnk"              " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN connect.lnk"           COPY " %SSLdir%\SSL VPN disconnect_x86.lnk"           " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN disconnect.lnk"           COPY " %SSLdir%\add registry entries.reg"             " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\add registry entries.reg" "           COPY " %SSLdir%\clear registry entries.reg"           " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear registry entries.reg" "           COPY " %SSLdir%\clear Fortinet registry entries.reg"  " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear Fortinet registry entries.reg" "           COPY " %SSLdir%\uninstall.bat"                        " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\uninstall.bat"       )      @ECHO:  REM Desktop install      @ECHO:Creating desktop icons          COPY " %SSLdir%\SSL VPN connect_x86.lnk"          " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN connect.lnk"           COPY " %SSLdir%\SSL VPN disconnect_x86.lnk"       " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN disconnect.lnk"       @ECHO:      GOTO Display  )    :NoCopy  ECHO:  ECHO:  ECHO: This program must be extracted out from the .zip file and run from the same  ECHO:directory as the other SSL VPN files to work correctly! This batch file  ECHO:will not run from a .zip file or Windows zip folder. Make sure that all of the   ECHO:SSL VPN files are located in this same folder to be installed and   ECHO:registered with Windows. This install program will place a copy of the SSL   ECHO:VPN files in your start menu as well. To remove or uninstall these files,  ECHO:use the link in the start menu.  ECHO:    GOTO End    :Display  ECHO: The SSL VPN shortcuts have been installed.  ECHO:    IF EXIST " %ProgramFiles%\Fortinet\SslvpnClient\FortiSslvpnClient.exe"  (      ECHO: SSL VPN client is already installed. Skipping install of SSL VPN client      ECHO:version 4.0.2281.      ECHO:      GOTO End  ) ELSE (      IF EXIST " %ProgramFiles(x86)%\Fortinet\SslvpnClient\FortiSslvpnClient.exe"  (          ECHO: SSL VPN client is already installed. Skipping install of SSL VPN client          ECHO:version 4.0.2281.          ECHO:          GOTO End      ) ELSE (          IF EXIST " %ProgramFiles%\SSL VPN\Windows\SslvpnClient.exe"  (              ECHO: Please follow the instructions in the following software to install               ECHO:the Fortinet SSL VPN client software version 4.0.2281.              ECHO:              PAUSE              " %ProgramFiles%\SSL VPN\Windows\SslvpnClient.exe"               GOTO End          ) ELSE (              IF EXIST " %ProgramFiles(x86)%\SSL VPN\Windows\SslvpnClient.exe"  (                  ECHO: Please follow the instructions in the following software to install                   ECHO:the Fortinet SSL VPN client software version 4.0.2281.                  ECHO:                  " %ProgramFiles(x86)%\SSL VPN\Windows\SslvpnClient.exe"                   PAUSE                  GOTO End              )          )      )  )    :End  ECHO: Thank you  ECHO:  ECHO: Information Services Team ;-)                                             v1.3  ECHO:  PAUSE

Newbie77Author

New Member

Awesome I' ll try it out. Thanks so much.

Newbie77Author

New Member

I' ve decided to use the first script that you recommended but I' m having a hard time getting it to work. I' ve created a small batch file :GOTO END ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : IF VPN CLIENT PRESENT - GOTO END - DO NOTHING ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: :CHECK IF VPN CLIENT IS PRESENT IF EXIST " C:\Program Files (x86)\ dir\INSTALL1.DAT" GOTO END IF EXIST " C:\Program Files\dir\INSTALL1.DAT" GOTO END ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : INSTALLS VPN CLIENT ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: \\domainame\NETLOGON\directory name\sslvpnclient.msi" ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : PLACES INSTALL.DAT FILE AT LOCATION ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: ECHO VPNCLIENT INSTALLED!!! > " C:\Program Files\directory name\INSTALL1.DAT" ECHO VPNCLIENT INSTALLED!!! > " C:\Program Files (x86)\directory name\INSTALL1.DAT" ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: : Run the Registry File ::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::: regedit.exe " \\domainname\NETLOGON\directory name\registry\test.reg" The client installs but I get a registry error stating: " Cannot import \\domain name.... The specified file is not a registry script. Any input?

rwpatterson

New Member

Use the .exe instead of the .msi installer.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded