Created on
03-19-2018
09:09 AM
Edited on
06-21-2023
01:40 AM
By
Anthony_E
Description
This article describes how to use the FortiClient SSL VPN from the command line.
Scope
FortiClient 5.4.5
Solution
The full FortiClient installation cannot be used for command line VPN tunnel access.
Download 'SSLVPNcmdline' from our support site: https://support.fortinet.com/.
Command Line Usage
Usage: FortiSSLVPNclient.exe <subcommand> [options] [args]
e.g. FortiSSLVPNclient.exe connect -s MyCompanyName i -m -q (No Certificate)
e.g. FortiSSLVPNclient.exe connect -s MyCompanyName -c FCT.net:earth-EARTH-CA -i -m -q (with Certificate)
Commands
Syntax Switch Command -s <connection settings name> -h <sslvpn server>[:<port>] -u <sslvpn username>[:<password>] -c <certificate subject>[:<issuer>] -i Ignore server certificate warning -q Quiet mode (no error message box) -m Minimize window on connection
Sub-Commands
connect Start a connection disconnect Disconnect from your session
Usage
To connect FortiSSLVPNclient.exe connect [options] [args] To disconnect FortiSSLVPNclient.exe disconnect [options] [args]
Notes
FortiClient 5.6.1 and newer:
Certificates:
- Added command-line option '-q' to support 'QuietMode' of FortiSSLVPNclient.exe
- When 'QuietMode' is enabled, no error will be prompted on network failure.
- If both 'QuietMode' and 'KeepAlive' are enabled, FortiSSLVPNclient.exe will retry to establish a connection, even if the first time attempt to connect results in failure.
When using Client Certificates, specify the Following on the FortiGate SSL VPN Settings:
# config vpn ssl settings
set reqclientcert enable
end
Link to download FortiClient:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.