SSl VPN

Author
Newbie77
Bronze Member
  • Total Posts : 37
  • Scores: 0
  • Reward points: 0
  • Joined: 2013/04/23 09:03:59
  • Status: offline
2013/04/23 11:04:54 (permalink)
0

SSl VPN

Does anyone know how to customize the FortiClient SSL VPN (4.3.5.472). I want to package it up so that is already has the remote gateway, port , etc. I' ve only found the config for IPSEC. I need it for SSL. Any suggestions?
#1

6 Replies Related Threads

    rwpatterson
    Expert Member
    • Total Posts : 8539
    • Scores: 207
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    RE: SSl VPN 2013/04/23 12:02:40 (permalink)
    0
    Welcome to the forums.

    When using the Fortinet SSL VPN client, the entries are stored in the registry for SSL VPN. Copy the below into a text editor (notepad works very well for this), and change the text in red to suit your needs. When you are done, give it a ' .reg' extension, and right click > merge (or double click) it:

    Windows Registry Editor Version 5.00

    [HKEY_CURRENT_USER\Software\Fortinet]

    [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient]
    " ServerAddress" =" "
    " Installed" =dword:00000001
    " ServerPort" =" "
    " KeepConnectionAlive" =" "
    " DATA0" =" "
    " DATA1" =" "
    " DATA2" =" "
    " DATA3" =" "
    " DATA4" =" "
    " DATA5" =" "
    " DATA6" =" "
    " DATA7" =" "
    " DATA8" =" "
    " DATA9" =" "
    " ConnectionName" =" [color=red]MyServer[/color]"

    [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient\Tunnels]

    [HKEY_CURRENT_USER\Software\Fortinet\SslvpnClient\Tunnels\company]
    " Server" =" [color=red]secure.myserver.com(:port)[/color]"
    " DATA1" =" "
    " DATA2" =" "
    " Description" =" [color=red]Tunnel to my server[/color]"
    " DATA3" =" "
    " ServerCert" =" 1"

    Once you have created the .reg file, it can be executed from a batch file as you can also do with the SSL VPN client install. I have them chained where the SSL client first installs, then the .reg file is run afterward. Works well.

    Hope that helps
    < Message edited by rwpatterson -- 5/15/2013 7:55:37 PM >

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com
    -5.6.13-b1714: FWF80CM
    -5.2.13-b0762: FWF81CM, FWF80CM
    -5.0.14-b0323: FWF81CM, FWF80CM(3)
    -4.3.19-b0694: FWF81CM
    #2
    Newbie77
    Bronze Member
    • Total Posts : 37
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/04/23 09:03:59
    • Status: offline
    RE: SSl VPN 2013/04/29 09:23:24 (permalink)
    0
    Thanks for the reply. When you say you have them " chained" how did you do that? Did you create batch file within you GPO?

    I should have mentioned before that I' m creating this to be push by GPO.
    < Message edited by newbie77 -- 4/29/2013 10:51:10 AM >
    #3
    rwpatterson
    Expert Member
    • Total Posts : 8539
    • Scores: 207
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    RE: SSl VPN 2013/04/29 11:21:03 (permalink)
    0
    I created a stand alone batch file that I give to the end users to load on their remote desktops. I guess it could work if pushed by GPO, but we don' t force our home users to have AD authentication. I' ll provide a copy of the install file. (I removed my company' s name from the script. Should still work, but the directory will be just SSL VPN.

    REM installer for SSL VPN written by Bob Patterson 03/21/2013

    @ECHO off
    CLS

    SET SSLdir=%CD%
    IF NOT EXIST " %SSLdir%\uninstall.bat" GOTO NoCopy
    IF EXIST c:\Windows\SysWOW64 GOTO Win7
    IF EXIST c:\Windows\System32 GOTO Windows
    IF EXIST c:\WINNT\System32 GOTO WINNT
    @ECHO Cannot locate your version of Windows
    PAUSE
    GOTO End

    :Windows
    @ECHO Windows 98/XP based machine found.
    @ECHO:
    CD C:\Windows\System32
    GOTO Copy

    :WINNT
    @ECHO Windows NT based machine found.
    @ECHO:
    CD C:\WINNT\System32
    GOTO Copy

    :Win7
    @ECHO Windows 64 bit based machine found.
    @ECHO:
    CD c:\Windows\SysWOW64
    GOTO Copy

    :Copy
    REM Program Files copy
    REM 64 bit Windows copying
    IF EXIST " %ProgramFiles(x86)%" (
    @ECHO Copying files to " %ProgramFiles(x86)%\SSL VPN\"
    IF NOT EXIST " %ProgramFiles(x86)%\SSL VPN\" MKDIR " %ProgramFiles(x86)%\SSL VPN\"
    COPY " %SSLdir%\add registry entries.reg" " %ProgramFiles(x86)%\SSL VPN\add registry entries.reg"
    COPY " %SSLdir%\clear registry entries.reg" " %ProgramFiles(x86)%\SSL VPN\clear registry entries.reg"
    COPY " %SSLdir%\clear Fortinet registry entries.reg" " %ProgramFiles(x86)%\SSL VPN\clear Fortinet registry entries.reg"
    COPY " %SSLdir%\SSL VPN connect_x64.lnk" " %ProgramFiles(x86)%\SSL VPN\SSL VPN connect_x64.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x64.lnk" " %ProgramFiles(x86)%\SSL VPN\SSL VPN disconnect_x64.lnk"
    COPY " %SSLdir%\uninstall.bat" " %ProgramFiles(x86)%\SSL VPN\uninstall.bat"
    IF NOT EXIST " %ProgramFiles(x86)%\SSL VPN\Windows" MKDIR " %ProgramFiles(x86)%\SSL VPN\Windows"
    COPY " %SSLdir%\Windows_x64\" " %ProgramFiles(x86)%\SSL VPN\Windows\"
    @ECHO:
    REM Start Menu install
    IF NOT EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\" MKDIR " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"
    @ECHO Creating start menu icons
    IF EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\" (
    COPY " %SSLdir%\SSL VPN connect_x64.lnk" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN connect.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x64.lnk" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN disconnect.lnk"
    COPY " %SSLdir%\add registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\add registry entries.reg" "
    COPY " %SSLdir%\clear registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear registry entries.reg" "
    COPY " %SSLdir%\clear Fortinet registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear Fortinet registry entries.reg" "
    COPY " %SSLdir%\uninstall.bat" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\uninstall.bat"
    )
    @ECHO:
    REM Desktop install
    @ECHO Creating desktop icons
    COPY " %SSLdir%\SSL VPN connect_x64.lnk" " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN connect.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x64.lnk" " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN disconnect.lnk"
    @ECHO:
    GOTO Display
    )

    REM 32 bit Windows copying
    IF EXIST " %ProgramFiles%" (
    @ECHO Copying files to " %ProgramFiles%\SSL VPN\"
    IF NOT EXIST " %ProgramFiles%\SSL VPN\" MKDIR " %ProgramFiles%\SSL VPN\"
    COPY " %SSLdir%\add registry entries.reg" " %ProgramFiles%\SSL VPN\add registry entries.reg"
    COPY " %SSLdir%\clear registry entries.reg" " %ProgramFiles%\SSL VPN\clear registry entries.reg"
    COPY " %SSLdir%\clear Fortinet registry entries.reg" " %ProgramFiles%\SSL VPN\clear Fortinet registry entries.reg"
    COPY " %SSLdir%\SSL VPN connect_x86.lnk" " %ProgramFiles%\SSL VPN\SSL VPN connect.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x86.lnk" " %ProgramFiles%\SSL VPN\SSL VPN disconnect.lnk"
    COPY " %SSLdir%\uninstall.bat" " %ProgramFiles%\SSL VPN\uninstall.bat"
    IF NOT EXIST " %ProgramFiles%\SSL VPN\Windows" MKDIR " %ProgramFiles%\SSL VPN\Windows\"
    COPY " %SSLdir%\Windows_x86\*.*" " %ProgramFiles%\SSL VPN\Windows\*.*"
    @ECHO:
    REM Start Menu install
    IF NOT EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\" MKDIR " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\"
    @ECHO:Creating start menu icons
    IF EXIST " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\" (
    COPY " %SSLdir%\SSL VPN connect_x86.lnk" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN connect.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x86.lnk" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\SSL VPN disconnect.lnk"
    COPY " %SSLdir%\add registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\add registry entries.reg" "
    COPY " %SSLdir%\clear registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear registry entries.reg" "
    COPY " %SSLdir%\clear Fortinet registry entries.reg" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\clear Fortinet registry entries.reg" "
    COPY " %SSLdir%\uninstall.bat" " %SystemDrive%\Documents and Settings\All Users\Start Menu\Programs\SSL VPN\uninstall.bat"
    )
    @ECHO:
    REM Desktop install
    @ECHO:Creating desktop icons
    COPY " %SSLdir%\SSL VPN connect_x86.lnk" " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN connect.lnk"
    COPY " %SSLdir%\SSL VPN disconnect_x86.lnk" " %SystemDrive%\Documents and Settings\All Users\Desktop\SSL VPN disconnect.lnk"
    @ECHO:
    GOTO Display
    )

    :NoCopy
    ECHO:
    ECHO:
    ECHO: This program must be extracted out from the .zip file and run from the same
    ECHO:directory as the other SSL VPN files to work correctly! This batch file
    ECHO:will not run from a .zip file or Windows zip folder. Make sure that all of the
    ECHO:SSL VPN files are located in this same folder to be installed and
    ECHO:registered with Windows. This install program will place a copy of the SSL
    ECHO:VPN files in your start menu as well. To remove or uninstall these files,
    ECHO:use the link in the start menu.
    ECHO:

    GOTO End

    :Display
    ECHO: The SSL VPN shortcuts have been installed.
    ECHO:

    IF EXIST " %ProgramFiles%\Fortinet\SslvpnClient\FortiSslvpnClient.exe" (
    ECHO: SSL VPN client is already installed. Skipping install of SSL VPN client
    ECHO:version 4.0.2281.
    ECHO:
    GOTO End
    ) ELSE (
    IF EXIST " %ProgramFiles(x86)%\Fortinet\SslvpnClient\FortiSslvpnClient.exe" (
    ECHO: SSL VPN client is already installed. Skipping install of SSL VPN client
    ECHO:version 4.0.2281.
    ECHO:
    GOTO End
    ) ELSE (
    IF EXIST " %ProgramFiles%\SSL VPN\Windows\SslvpnClient.exe" (
    ECHO: Please follow the instructions in the following software to install
    ECHO:the Fortinet SSL VPN client software version 4.0.2281.
    ECHO:
    PAUSE
    " %ProgramFiles%\SSL VPN\Windows\SslvpnClient.exe"
    GOTO End
    ) ELSE (
    IF EXIST " %ProgramFiles(x86)%\SSL VPN\Windows\SslvpnClient.exe" (
    ECHO: Please follow the instructions in the following software to install
    ECHO:the Fortinet SSL VPN client software version 4.0.2281.
    ECHO:
    " %ProgramFiles(x86)%\SSL VPN\Windows\SslvpnClient.exe"
    PAUSE
    GOTO End
    )
    )
    )
    )

    :End
    ECHO: Thank you
    ECHO:
    ECHO: Information Services Team ;-) v1.3
    ECHO:
    PAUSE

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com
    -5.6.13-b1714: FWF80CM
    -5.2.13-b0762: FWF81CM, FWF80CM
    -5.0.14-b0323: FWF81CM, FWF80CM(3)
    -4.3.19-b0694: FWF81CM
    #4
    Newbie77
    Bronze Member
    • Total Posts : 37
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/04/23 09:03:59
    • Status: offline
    RE: SSl VPN 2013/04/29 12:44:44 (permalink)
    0
    Awesome I' ll try it out. Thanks so much.
    #5
    Newbie77
    Bronze Member
    • Total Posts : 37
    • Scores: 0
    • Reward points: 0
    • Joined: 2013/04/23 09:03:59
    • Status: offline
    RE: SSl VPN 2013/05/13 06:42:42 (permalink)
    0
    I' ve decided to use the first script that you recommended but I' m having a hard time getting it to work. I' ve created a small batch file

    :GOTO END

    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    : IF VPN CLIENT PRESENT - GOTO END - DO NOTHING
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    :CHECK IF VPN CLIENT IS PRESENT
    IF EXIST " C:\Program Files (x86)\ dir\INSTALL1.DAT" GOTO END
    IF EXIST " C:\Program Files\dir\INSTALL1.DAT" GOTO END


    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    : INSTALLS VPN CLIENT
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    \\domainame\NETLOGON\directory name\sslvpnclient.msi"


    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    : PLACES INSTALL.DAT FILE AT LOCATION
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    ECHO VPNCLIENT INSTALLED!!! > " C:\Program Files\directory name\INSTALL1.DAT"
    ECHO VPNCLIENT INSTALLED!!! > " C:\Program Files (x86)\directory name\INSTALL1.DAT"

    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::
    : Run the Registry File
    :::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::::

    regedit.exe " \\domainname\NETLOGON\directory name\registry\test.reg"

    The client installs but I get a registry error stating: " Cannot import \\domain name.... The specified file is not a registry script. Any input?
    #6
    rwpatterson
    Expert Member
    • Total Posts : 8539
    • Scores: 207
    • Reward points: 0
    • Joined: 2006/08/08 10:08:18
    • Location: Long Island, New York, USA
    • Status: online
    RE: SSl VPN 2013/05/13 07:45:22 (permalink)
    0
    Use the .exe instead of the .msi installer.

    Bob - self proclaimed posting junkie!
    See my Fortigate related scripts at: http://fortigate.camerabob.com
    -5.6.13-b1714: FWF80CM
    -5.2.13-b0762: FWF81CM, FWF80CM
    -5.0.14-b0323: FWF81CM, FWF80CM(3)
    -4.3.19-b0694: FWF81CM
    #7
    Jump to:
    © 2021 APG vNext Commercial Version 5.5