Connect FortiClient IPsec VPN via Ubuntu 18.04 KDE
You should check out Strongswan which is the recommended IPSec initiator-responder in Ubuntu. You can install it from Ubuntu's repository i.e.: sudo apt-get install strongswan
.
There are many ways to configure it: editing the legacy ipsec.conf
file or using the swanctl
tool. To install swanctl simply use sudo apt-get install strongswan-swanctl
. If you're using Ubuntu Desktop then you can use the GUI to configure Strongswan just install the Strongswan module for Network Manager (sudo apt-get install network-manager-strongswan
).
Command line config
A swanctl example config should look something like this:
- Create a new cofig file into
/etc/swanctl/config.d/
(work.conf
or whatever) -
Open that file with your favourite editor and setup the proper config which is going to be something like this:
connections { ikev1-psk-xauth { dpd_delay = 30 dpd_timeout = 90 version = 1 remote_addrs = vpn.yourcompany.com local-1 { auth = psk } local-2 { auth = xauth xauth_id = username } remote-1 { auth = psk } children { ikev1-psk-xauth { remote_ts = 0.0.0.0/0 dpd_action = restart close_action = start start_action = start } } } } secrets { ike-psk-remote { id = vpn.yourcompany.com secret = "this-is-the-shared-password" } ike-psk-local { id = username secret = "this-is-the-user-xauth-password" } }
Save the config file then issue swanctl --load-all
to start the connection. To check the status issue swanctl --list-sas
and check out that the SAs are up and running.
This config is not tested and probably wont work as it is.
GUI config
Here is a guide with screenshots too: https://wiki.strongswan.org/projects/strongswan/wiki/NetworkManager
Related videos on Youtube
Borjovsky
Updated on September 18, 2022Comments
-
Borjovsky over 1 year
I have just installed FortiClient 6.0.0.0029 in Ubuntu 18.04 - KDE.
I'm not shure, but looks like Linux's FortiClient has only SSL connection but not IPsec (which I need)...
Works ok in Windows 10, but mine has some bugs and I prefer to work with Ubuntu whenever possible. There is a form with:
- Connection type (SSL-VPN / IPsec VPN)
- Connection Name
- Description
- Remote Gateway
- Authentication Method (PreShared key in my case)
- Authentication (XAuth)
- Username
My company sent me only the data to fill that form, but I can't find anything like that in Ubuntu's version of FortiClient6.
Does anyone know an alternative to connect with linux, using that data? Maybe I don't need to use FortiClient specifically.
Thanks in advance!
-
bertieb almost 6 yearsWelcome to Super User! Please read how to recommend software in answers, particularly the bits in bold; then edit your answer to follow the guidelines there. Thanks!
-
Borjovsky almost 6 yearsNow that's what I call explanation! Thanks, I will try it as soon as possible!
-
Dominik Stańczak about 4 yearsI downvoted your answer because openfortivpn does not do IPSEC, just SSL.