Hot!FortiClient ipsec.exe

Author
mister2x
Bronze Member
  • Total Posts : 25
  • Scores: 0
  • Reward points: 0
  • Joined: 2006/11/19 00:28:14
  • Status: offline
2006/11/27 12:56:39 (permalink)
0

FortiClient ipsec.exe

Hello,

I am currently working on realising the following scenario:

By executing a script/program the following should be done (things in brackets are already accomplished):

(- enable forticlient virtual adapter)
(- establish a vpn connection silently)
- run a program (rdp-conn)
- if vpn tunnel breaks re-establish the tunnel
- act on error conditions
(- if the program exits kill the vpn connection)
(- disable forticlient virtual adapter)

Enabling / Disabling the adapter is no problem (so the user does not always see the " cable unplugged" balloon message). Establishing a connection is also OK (although i would prefer this in a " silent mode" , e.g. no pop up window).

Do you have any suggestions on how to accomplish the following:

- check if the vpn tunnel has been established correctly (i use the ipsec.exe -b -k switches). I know I could ping the target server by script but this takes way to long as the user is waiting for the program to start. I' d prefer direct return values (exit codes) from ipsec.exe

- re-establish the vpn tunnel if it gets broken

- get errors from ipsec.exe (e.g. smartcard missing, host not responding, etc.)

Is there any help file including all parameters for ipsec.exe?

Thanks in advance!

Christian
< Message edited by Mister2x -- 11/27/2006 12:59:09 PM >
#1

5 Replies Related Threads

    vanc
    optimizzz
    • Total Posts : 937
    • Scores: 5
    • Reward points: 0
    • Joined: 2004/03/07 21:30:03
    • Location: The most beautiful place in the world
    • Status: offline
    RE: FortiClient ipsec.exe 2006/11/28 10:39:36 (permalink)
    0
    Maybe you can use this trick.

    ipsec.exe diag tunnel

    If there is a live tunnel, it will dump the parameters. If no tunnel available, dump nothing.

    You can check the dump every couple of seconds.
    #2
    mister2x
    Bronze Member
    • Total Posts : 25
    • Scores: 0
    • Reward points: 0
    • Joined: 2006/11/19 00:28:14
    • Status: offline
    RE: FortiClient ipsec.exe 2006/11/29 03:04:33 (permalink)
    0
    Thank you.

    Is there any further help to the ipsec.exe tool available? (command line switches, return codes and so on)
    #3
    vanc
    optimizzz
    • Total Posts : 937
    • Scores: 5
    • Reward points: 0
    • Joined: 2004/03/07 21:30:03
    • Location: The most beautiful place in the world
    • Status: offline
    RE: FortiClient ipsec.exe 2006/11/29 10:46:08 (permalink)
    0
    As the command line switch method is not officially supported, there is no document about that. Can only get the secrets from the development team.
    #4
    TheTech
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/01/10 22:47:23
    • Status: offline
    Re: RE: FortiClient ipsec.exe 2019/01/10 22:56:52 (permalink)
    0
    Sorry for the late answer (13 years!...)
     
     
    @echo off
    cd "c:\Program Files\Fortinet\FortiClient"
    :repeat
    echo Launching FortiClient IPSEC....
    ipsec -b -k switches
    if %errorlevel% gtr 0 goto error
    :CheckConnection
    ping -n 1 hostname 
    if %errorlevel% gtr 0 goto CheckConnection
    echo Connected!
    echo Launching hostname RDP...
    start mstsc xxxxxx.RDP
    exit
    :error
    echo Error! %errorlevel Trying again...
    goto repeat
     
     
    You can use also -w timeout to let the single ping enough time to accomplish.
    post edited by TheTech - 2019/01/11 11:28:47
    #5
    BrUz
    Gold Member
    • Total Posts : 398
    • Scores: 6
    • Reward points: 0
    • Joined: 2011/09/30 01:26:25
    • Location: Norway
    • Status: online
    Re: FortiClient ipsec.exe 2019/01/11 00:12:14 (permalink)
    0
    mister2x
    (- if the program exits kill the vpn connection)
    (- disable forticlient virtual adapter)

    If program exist you can use tasklist.exe
    Taskkill.exe to kill

    Fortigate <3
    #6
    Jump to:
    © 2019 APG vNext Commercial Version 5.5