3) Configuration of the GUI FortiClient SSLVPN
- Via the file explorer, right-click on the file and extract its files. Open the folder that matches the architecture of your Linux distribution and run ‘forticlientsslvpn’
- Via Linux Terminal, go to the folder where the file has been downloaded and extract it with tar –xvf forticlientsslvpn_linux<version>.tar.gz
- Open the FortiClient folder, and run ./fortisslvpn.sh & (if you know Linux distribution, open either 32Bits or 64bits folder and run ./forticlientsslvpn & )
- Under either 32bits or 64bits folder, you can find the CLI version of FortiClient
4) Configuration of the CLI SSLVPN Client
- Type the IP of FortiGate and port, username/password and click on ‘Connect’
- If the SSL VPN connection requires Proxy, certificate or other advance settings, click on ‘Settings’
- Under ‘Settings’, more SSL VPN profiles can be added by clicking on ‘+’ button.
- If a certificate warning is displayed, click on ‘Continue’ to proceed
- Once connected, check which IP has been assigned by running ‘ifconfig’. The name of the interface is ppp0 and the routing table with ‘route’
- Run ./forticlientsslvpn_cli to display all available configuration options
- If the SSL VPN connection only requires username/password, run: ./forticlientsslvpn_cli --server <IP of the FortiGate>:<port> --vpnuser <username>
- Press Enter and FortiClient will request the password for the username.
- If the connection is successful, a STATUS::Connected message will be displayed, otherwise if the password is incorrect, error ‘SSLVPN down unexpectedly with error:2’ will appear.