FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
vhitnal
Staff
Staff
Article Id 197543

Description

 

This article explains how to activate the 'Save Password', 'Auto Connect' and 'Always Up' options in FortiClient.

ctanev_FD36785_tn_FD36785.jpg

 

Scope

 

FortiGate.


Solution

 

The 'Save Password', 'Auto Connect' and 'Always Up' options in FortiClinet depend upon the VPN (IPsec) or SSL VPN configuration of the FortiGate device.  These can be enable from the CLI as shown below.

For SSL VPN:
 
config vpn ssl web portal
   edit [portal_name_str]
      set auto-connect enable
      set save-password enable
      set keep-alive enable
   end
 
For IPsec:
 
config vpn ipsec phase1-interface
   edit [vpn name]
      set save-password enable
      set client-auto-negotiate enable
      set client-keep-alive enable
   end
end
 
Note :
*. vpn auto-connect/always-up  features are not supported in the FortiClient 6.2.X onwards for free version.
 
 
  • In some cases, when setting the client auto negotiate option and client-keep-alive option we could come across the following error,

 

error.PNG

 

  • This is due to unity-support option; unity-support: Enable/disable support for Cisco UNITY Configuration Method extensions.
  • To resolve this problem unset the unity-support option and then it is possible to successfully set the keep alive and auto-negotiate options.

 

unity disable.PNG

 

 

Note:

The following features are not supported in the FortiClient 6.2.X - 7.0.2 v free versions:

 

  • VPN auto-connect/always-up.
  • VPN before logon.
  • On-net/off-net.
  • Host check features.
  • Central management
  •  No feedback option & no diagnostic tool under help/info page.
  • IKEv2 is not supported on FortiClient 6.2.x free version.
  • TAC support.

 

Related article:

Technical Tip: FortiClient licensing and support

Comments
Anonymous
Not applicable