Connect to a Fortinet VPN with Ubuntu
Solution 1:
If you use SSL based VPN from Fortinet, you can use openfortivpn software which is part of Ubuntu and Fedora.
$ sudo apt install -y openfortivpn || yum install -y openfortivpn
$ touch openfortivpn.conf
$ chmod go= openfortivpn.conf
Edit openfortivpn.conf:
host =
port =
username =
password =
# trusted-cert =
Connect the first time:
$ sudo openfortivpn -c openfortivpn.conf
ERROR: Gateway certificate validation failed, and the certificate digest in not in the local whitelist. If you trust it, rerun with:
ERROR: --trusted-cert <some-random-string-to-add-to-trusted-cert>
Edit openfortivpn.conf file and update trusted-cert
option with the string from the error. Make sure the option is not commented (remove the #
).
Each time you need to connect, run:
sudo openfortivpn -c openfortivpn.conf
You could also do it straight through the command line and make an alias for it in your .bashrc
. This is less secure as any user on the system will be able to see the password using ps
.
sudo openfortivpn -u <USER> -p <PASSWORD> --trusted-cert <CERTIFICATE> <SERVER>:<PORT>
To disconnect press: Ctrl+C
Solution 2:
Fortinet is just an IPSEC VPN server - you don't specifically need their client to connect to it. The IPSEC HOWTO details a list of various options you have for setting up a Linux VPN client. There are also a few commercial linux IPSec clients such as Shrewsoft.