Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vhitnal
Staff
Staff

Created on ‎07-17-2015 02:51 AM Edited on ‎06-05-2025 06:57 PM By Moderator

Article Id 197543

Technical Tip: How to activate 'Save Password', 'Auto Connect', and 'Always Up' in FortiClient

Description

 

This article explains how to activate the 'Save Password', 'Auto Connect' and 'Always Up' options in FortiClient.
ctanev_FD36785_tn_FD36785.jpg

 

Scope

 

FortiGate.


Solution

 

The 'Save Password', 'Auto Connect', and 'Always Up' options in FortiClient depend upon the VPN (IPsec) or SSL VPN configuration of the FortiGate device.  These can be enabled from the CLI as shown below.

For SSL VPN:
 
config vpn ssl web portal
    edit [portal_name_str]
        set auto-connect enable
        set save-password enable
        set keep-alive enable
end
 
For IPsec:
 
config vpn ipsec phase1-interface
    edit [vpn name]
        set save-password enable
        set client-auto-negotiate enable
        set client-keep-alive enable
    end
end
 
Note:
*. vpn auto-connect/always-up features are not supported in the FortiClient 6.2.X onwards for the free version.
 
 
  • In some cases, when setting the client auto negotiate option and client-keep-alive option, it is possible to encounter the following error:

 

error.PNG

 

  • This is due to the unity-support option; unity-support: Enable/disable support for Cisco UNITY Configuration Method extensions.
  • To resolve this problem unset the unity-support option and then it is possible to successfully set the keep alive and auto-negotiate options.

 

unity disable.PNG

 

Note:

The following features are not supported in the FortiClient 6.2.X - 7.0.2 v free versions:

 

  • VPN auto-connect/always-up.
  • VPN before logon.
  • On-net/off-net.
  • Host check features.
  • Central management
  •  No feedback option & no diagnostic tool under help/info page.
  • IKEv2 is not supported on FortiClient 6.2.x free version.
  • TAC support.

 

Note:

v5.0 up to v6.4 are out of engineering support. These commands might be different on higher versions. Consider upgrading the firmware level on the device to a supported version (v7.0 up to v7.6). Her,e check the firmware path and compatibility depending on the hardware.

 

Related documents:

Technical Tip: FortiClient licensing and support
Configuring autoconnect with username and password authentication 

57856
Suggest New Article
Article Feedback
Comments
Anonymous
Not applicable
‎12-21-2022 01:59 PM

 

 

Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.