FortiClient ipsec.exe
Hello,
I am currently working on realising the following scenario:
By executing a script/program the following should be done (things in brackets are already accomplished):
(- enable forticlient virtual adapter)
(- establish a vpn connection silently)
- run a program (rdp-conn)
- if vpn tunnel breaks re-establish the tunnel
- act on error conditions
(- if the program exits kill the vpn connection)
(- disable forticlient virtual adapter)
Enabling / Disabling the adapter is no problem (so the user does not always see the "cable unplugged" balloon message). Establishing a connection is also OK (although I would prefer this in a "silent mode", e.g. no pop up window).
Do you have any suggestions on how to accomplish the following:
- check if the vpn tunnel has been established correctly (I use the ipsec.exe -b -k switches). I know I could ping the target server by script but this takes way too long as the user is waiting for the program to start. I'd prefer direct return values (exit codes) from ipsec.exe
- re-establish the vpn tunnel if it gets broken
- get errors from ipsec.exe (e.g. smartcard missing, host not responding, etc.)
Is there any help file including all parameters for ipsec.exe?
Thanks in advance!
Christian
Maybe you can use this trick.
ipsec.exe diag tunnel
If there is a live tunnel, it will dump the parameters. If no tunnel is available, it dumps nothing.
You can check the dump every couple of seconds.
Thank you.
Is there any further help to the ipsec.exe tool available? (command line switches, return codes and so on)
As the command line switch method is not officially supported, there is no document about that. Can only get the secrets from the development team.
Sorry for the late answer (13 years!...)
@echo off
cd "c:\Program Files\Fortinet\FortiClient"
:repeat
echo Launching FortiClient IPSEC....
ipsec -b -k switches
rem A non-zero exit code from ipsec is treated as a failed launch
if %errorlevel% gtr 0 goto error
:CheckConnection
rem Loop until a single ping to the target host succeeds
ping -n 1 hostname
if %errorlevel% gtr 0 goto CheckConnection
echo Connected!
echo Launching hostname RDP...
start mstsc xxxxxx.RDP
exit
:error
echo Error! %errorlevel% Trying again...
goto repeat
You can also use -w timeout to give the single ping enough time to complete.
mister2x wrote: If program exist you can use tasklist.exe
(- if the program exits kill the vpn connection) (- disable forticlient virtual adapter)
Taskkill.exe to kill
Fortigate <3
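The replies above combined into one watchdog, as an added example that is not code from any poster or from Fortinet: it treats empty output from `ipsec.exe diag tunnel` as "no tunnel" (as the first reply describes), retries a bounded number of times instead of looping forever, and reconnects while the RDP session is open. The install path, the `-b -k` switches and the RDP file name are the ones quoted in the thread; the parameter names, timeout and retry limit are assumptions, and the thread itself says this command-line interface is not officially supported.

```powershell
param(
    [string]  $IpsecExe    = 'C:\Program Files\Fortinet\FortiClient\ipsec.exe',
    [string[]]$ConnectArgs = @('-b', '-k'),  # switches named in the thread; any values they take are not given there
    [string]  $RdpFile     = 'xxxxxx.RDP',   # placeholder file name from the thread
    [int]     $WaitSeconds = 30,             # assumed time allowed for the tunnel to come up
    [int]     $MaxAttempts = 3               # assumed retry limit
)

function Test-Tunnel {
    # Per the thread: 'diag tunnel' dumps parameters for a live tunnel, nothing otherwise.
    $dump = & $IpsecExe diag tunnel 2>$null | Out-String
    return -not [string]::IsNullOrWhiteSpace($dump)
}

function Connect-Tunnel {
    for ($attempt = 1; $attempt -le $MaxAttempts; $attempt++) {
        & $IpsecExe @ConnectArgs
        $code = $LASTEXITCODE   # logged only: its meaning is undocumented
        $deadline = (Get-Date).AddSeconds($WaitSeconds)
        while ((Get-Date) -lt $deadline) {
            if (Test-Tunnel) { return $true }
            Start-Sleep -Seconds 1
        }
        Write-Warning "Attempt ${attempt}: no tunnel after $WaitSeconds s (ipsec exit code $code)"
    }
    return $false
}

if (-not (Connect-Tunnel)) {
    Write-Error 'VPN tunnel could not be established'
    exit 1
}

$status = 0
$rdp = Start-Process -FilePath 'mstsc.exe' -ArgumentList "`"$RdpFile`"" -PassThru
while (-not $rdp.HasExited) {
    Start-Sleep -Seconds 5
    if (-not (Test-Tunnel)) {
        Write-Warning 'Tunnel lost, reconnecting'
        if (-not (Connect-Tunnel)) { $status = 2; break }
    }
}

# Tunnel teardown and adapter disable belong here; the thread does not give
# the commands for them, so they are left to the existing script.
exit $status
```

The exit codes 1 (initial connect failed) and 2 (reconnect failed) are this example's own, so a calling script can tell the two conditions apart without relying on undocumented ipsec.exe return values.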
