Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
FortiKoala
Staff
Staff

Created on ‎03-19-2018 09:09 AM Edited on ‎08-28-2024 05:52 AM By Moderator

Article Id 192581

Technical Tip: How to use FortiClient SSL VPN from the CLI

Description

 

This article describes how to connect the FortiClient SSL VPN from the command line.

Scope

 

FortiClient.


Solution

 

The full FortiClient installation cannot be used for command line VPN tunnel access.
To use FortiClient in the command link, FortiClientTools is required. To download and use FortiClientTools: 

  1. Navigate to the support site: https://support.fortinet.com/ -> Support -> Firmware Download.
  2. Select Product = FortiClient -> Download -> Select corresponding version -> Download the FortiClientTools zip file. 
  3. Extract FortiClientTools.
  4. From the command prompt on the client computer, navigate to the SSLVPNcmdline folder. For example: 'cd C:\Users\Fortinet\Downloads\FortiClientTools_7.4.0.1658\SSLVPNcmdline\x64'.
  5. Run 'FortiSSLVPNclient.exe'. A pop-up will appear. 

    SSLVPN.PNG

     

  6. Enter Connection Name, Server Address, Username, Password, Client Certificate (If required).
    Note: Enable 'Do not warn about server certificate validation failure' if a client certificate is being used.
  7. Select 'Connect'.

 

Notes:

 

To connect from the command prompt only without getting the pop-up, all information must be specified as follows:

 

FortiSSLVPNclient.exe connect -s connection_name -h FortiGate_IP:port -u username:password i -m -q

 

For example: 

 

FortiSSLVPNclient.exe connect -s MyCompanyName -h 192.168.10.1 -u guest:vpn123 i -m -q

 

Command Line Usage:

 

Usage:  FortiSSLVPNclient.exe <subcommand> [options] [args]

e.g. FortiSSLVPNclient.exe connect -s MyCompanyName  i -m -q (No Certificate)
e.g. FortiSSLVPNclient.exe connect -s MyCompanyName -c FCT.net:earth-EARTH-CA -i -m -q (with Certificate)

 

Commands

Syntax
 Switch
-s
 <connection settings name>
-h <sslvpn server>[:<port>]
-u
 <sslvpn username>[:<password>]
-c
 <certificate subject>[:<issuer>]
-i
 Ignore server certificate warning
-q
 Quiet mode (no error message box)
-m
 Minimize window on connection


Sub-Commands

connect
 Start a connection
disconnect
 Disconnect from the session


Usage

To connect
 FortiSSLVPNclient.exe connect [options] [args]
To disconnect
 FortiSSLVPNclient.exe disconnect [options] [args]

 

Link to download FortiClient:

Fortinet Product Downloads

159441
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.