Hot!Where to set script on Fortigate firewall for SSL VPN to map network drive on connect?

Author
JayL
New Member
  • Total Posts : 9
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/02 12:54:45
  • Status: offline
2019/09/02 13:00:41 (permalink)
0

Where to set script on Fortigate firewall for SSL VPN to map network drive on connect?

I know I can export the Forticlient configuration, edit it and then restore it that way. But when you have a lot of VPN users that's just not practical. Is there a way that when users connect to the Fortigate firewall using Forticlient VPN, the firewall tells the client to run a script like mapping network drive etc? I did quite some google search but couldn't find the right answer. Thanks.
#1

8 Replies Related Threads

    JayL
    New Member
    • Total Posts : 9
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/02 12:54:45
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/12 10:59:32 (permalink)
    0
    No suggestions after a week. I guess it's a no then. Hope they can add this feature in the future.
    #2
    Dave Hall
    Expert Member
    • Total Posts : 1504
    • Scores: 165
    • Reward points: 0
    • Joined: 2012/05/11 07:55:58
    • Location: Canada
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/12 14:03:07 (permalink)
    0
    A google search seems to imply the following link....
     

    Mapping a network drive after tunnel connection

    The script maps a network drive and copies some files after the tunnel is connected.
    <on_connect>
    <script>
    <os>windows</os>
    <script>
    <script>
    <![CDATA[
    net use x: \\192.168.10.3\ftpshare /user:Honey Boo Boo
    md c:\test
    copy x:\PDF\*.* c:\test
    ]]>
    </script>
    </script>
    </script>
    </on_connect>
     


    Also check out the full XML Reference scripting section.
     
    YMMV.
     

    NSE4/FMG-VM64/FortiAnalyzer-VM/5.4/6.0 (FWF40C/FW92D/FGT200D/FGT101E)/ FAP220B/221C
    #3
    JayL
    New Member
    • Total Posts : 9
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/02 12:54:45
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/13 04:20:08 (permalink)
    0
    Dave Hall
    A google search seems to imply the following link....
     

    Mapping a network drive after tunnel connection

    The script maps a network drive and copies some files after the tunnel is connected.
    <on_connect><script><os>windows</os><script><script><![CDATA[net use x: \\192.168.10.3\ftpshare /user:Honey Boo Boomd c:\testcopy x:\PDF\*.* c:\test]]></script></script></script></on_connect> 


    Also check out the full XML Reference scripting section.
     
    YMMV.
     




    Hi Dave, thanks for the reply. But my question is really how to deploy the scripts centrally when you have hundreds of clients. I already  know how to make the script, I also know how to do it on each individual client. But I want to find a way that you set up the script on the firewall and the client gets the script when they connect.
     
    Found an answer in the other thread someone mentioned the FortiClient Configurator Tool  which can make a customized MSI installation file. It will archive what I want to do although not ideal, plus it requires license which means more cost.
    post edited by JayL - 2019/09/13 04:32:47
    #4
    emnoc
    Expert Member
    • Total Posts : 5301
    • Scores: 347
    • Reward points: 0
    • Joined: 2008/03/20 13:30:33
    • Location: AUSTIN TX AREA
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/13 04:59:59 (permalink)
    0
    Nothing free , vendors has to make money.  The other option is to run a power-shell script on boot up that pulls in the cfg. This would doable depending on how crafty your win-AD team members are.
     
    Ken Felix
     

    PCNSE,  NSE , Forcepoint ,  StrongSwan Specialist
    #5
    JayL
    New Member
    • Total Posts : 9
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/02 12:54:45
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/16 06:10:15 (permalink)
    0
    emnoc
    Nothing free , vendors has to make money.  The other option is to run a power-shell script on boot up that pulls in the cfg. This would doable depending on how crafty your win-AD team members are.
     
    Ken Felix
     




    I agree they need to make money. But to require license on a tool like this is like nickel and dime.
    #6
    Kenundrum
    Gold Member
    • Total Posts : 150
    • Scores: 15
    • Reward points: 0
    • Joined: 2008/05/15 10:25:50
    • Location: Rhode Island, US
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/16 10:41:21 (permalink)
    0
    This is a function that is directly integrated into Forticlient EMS. I know- it's another license, but it's relatively inexpensive and is way more convenient for managing forticlient configurations.

    NSE4
    Some FGT500Es, 500Ds, 60Ds at work
    FWF60E, FWF80CM at home
    #7
    Elthon Abreu
    Bronze Member
    • Total Posts : 50
    • Scores: 2
    • Reward points: 0
    • Joined: 2014/04/29 11:37:55
    • Location: Brazil
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/18 08:35:55 (permalink)
    0
    JayL,
     
    I had the same need and I solved my problem with persistent mapping on my AD Mapping GPO. So when my users connect to my VPN the map driver will be available. Any other solution, probably, willl require investments.
     
    Kind regards,

    Elthon Abreu
    FCNSA v5
    #8
    JayL
    New Member
    • Total Posts : 9
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/02 12:54:45
    • Status: offline
    Re: Where to set script on Fortigate firewall for SSL VPN to map network drive on connect? 2019/09/18 10:28:58 (permalink)
    0
    elthon.abreu
    JayL,
     
    I had the same need and I solved my problem with persistent mapping on my AD Mapping GPO. So when my users connect to my VPN the map driver will be available. Any other solution, probably, willl require investments.
     
    Kind regards,




    Thanks for the solution, gotta think out of the box sometimes :)
    #9
    Jump to:
    © 2019 APG vNext Commercial Version 5.5