Shreyas Jani

I'm a web designer & software engineer based out of Mumbai.

I write about technology & love documenting the world around me through photography.

Using Forticlient VPN from the commandline

6 June 2020

On Ubuntu, forticlient provides a GUI based app that lets you connect to a VPN. You can also connect to forticlient's VPN from the CLI.

openfortivpn is a cli based client for PPP+SSL VPN tunnel services.

To install on Ubuntu, run:

→ sudo apt install -y openfortivpn

→ touch openfortivpn.conf

→ chmod go= openfortivpn.conf

Edit openfortivpn.conf:

host = enter the host ip

port = enter the port number

username = enter the username

password = enter the password

# trusted-cert =

save file and exit

Connect the first time by running → sudo openfortivpn -c openfortivpn.conf. It should result into the following output:

ERROR: Gateway certificate validation failed, and the certificate digest in not in the local whitelist. If you trust it, rerun with:

ERROR: --trusted-cert <some-random-string-to-add-to-trusted-cert>

Edit openfortivpn.conf file and update trusted-cert option with the string from the error. Make sure the option is not commented by removing the #.

Each time you need to connect, run: → sudo openfortivpn -c openfortivpn.conf. You could also set an alias in your .zshrc. Disconnect using ctrl + c.