This is a work in progress, I will be... Full Story
By Manny Fernandez
August 11, 2019
Installing FortiClient on Ubuntu Linux for SSL VPN
I ran Windows as my main Desktop OS for many years. When XP came out, I decided to move to Linux as my main OS. Since I was always in the CLI anyhow, and SSH was built-in, I did not have to use Putty which I despise. Then I was at a CCIE Security Boot-Camp in San Jose when I dropped my laptop. It was two days into a two week bootcamp. I had to buy another laptop. A classmate that worked at Cisco’s TAC that was taking the bootcamp offered to take me to the Apple Store. I said “What the hell”. I was already in the hole for like 20K so what was another few thousand dollars. I did it and loved Apple ever since. I do always miss my Linux. I call it “The Poor Man’s Mac” If I could not purchase a Mac, I would absolutely be running Linux again. Even today, I run a VM of Ubuntu.
In this post, I will configure FortiClient to connect to a Fortigate running the SSL VPN. You will need to get the Forticlient for Linux file. I will update it here if it is allowed.
- Once you have the file, create a folder (e.g. sudo mkdir /opt/SSLVPN)
- Copy or move the file into this folder.
- You will now need to extract the file
You can do this by right clicking in the GUI and choosing ‘Open With Archive Manager’
If you want to extract it in the CLI run the following command:
tar -xxvf forticlientsslvpn_linux_4.4_2336.tar.gz
Now that it is extracted, we can go in and run the script.
In the screenshot above, we can see the changing of the directory cd /opt
and then changing into the SSLVPN cd SSLVPN
and finally, the running of the script ./fortisslvpn.sh
When you run the script, you will be presented with some pop-ups
Read the EULA and if you agree to the terms, press Agree
You can now create a Connection
A. IP address or FQDN
B. Your username (if not entered, you will be prompted)
C. Password (if not entered, you will be prompted)
Click on the +
sign and fill in the pertinent information. Once you name the connection and fill in the info, choose Create
Once you are done, click Done
Now you are ready to connect.
Choose the connection you created and click Connect
. Not that you CAN add the certificate and a password for said certificate.
In my case, I am using an untrusted certificate and you will get a similar error. Hit Continue
. In a production environment, buy a certificate.
In my case, FortiToken is being used for MFA. I am prompted for the OTP and then I hit OK
This is me trying to ping 172.20.180.254
and we can see the VPN is not up and I am unable to ping. Once I connect with the VPN,
Recent posts
-
-
I have been playing with the free version of... Full Story
-
In my day job, I am on a lot... Full Story