Difference between revisions of "Forticlient VPN Setup"

From The University of Akron Support Wiki
Jump to: navigation, search
(Update FortiClient Information)
(Added links to individual pages)
 
Line 18: Line 18:
 
To download FortiClient please click the following link: <big>https://uazips.sharepoint.com/sites/software/SitePages/Home.aspx</big><br>
 
To download FortiClient please click the following link: <big>https://uazips.sharepoint.com/sites/software/SitePages/Home.aspx</big><br>
  
=Windows & MacOS Setup=
+
=Windows Setup=
(Forticlient is available, with offical support for Windows 7 or higher, Mac OS v10.8 or higher.)
+
(Forticlient is available with official support for Windows 7 or higher)
  
<b>For detailed instructions on downloading and setting up FortiClient for Windows or MacOS please click [https://www.uakron.edu/helpdesk/information/documents/CampusVPNInstall_Instructions+-+New+Link.pdf?language_id=1 here].</b>
+
Please click [[Windows VPN Setup|here]] to visit the [[Windows VPN Setup]] page.  
* The above guide uses Windows, but the process for MacOS is nearly identical.
+
<br>
+
  
If you only need information on setting up a new VPN connection in FortiClient, please see the image below:
+
=MacOS Setup=
<br>
+
(Forticlient is available with official support for Mac OS v10.8 or higher.)
[[Image:VpnSetup.PNG|600px]]
+
  
==Update FortiClient Information==
+
Please click [[Mac VPN Setup|here]] to visit the [[Mac VPN Setup]] page.
If FortiCient VPN is already configured and you need to change it, click on the gear (or 3 dots depending on the version of FortiClient) that is located on the right hand side of the <b>Remote Accesss</b> login page to change the saved information. The location of the gear or 3 dots icon can be seen in the screenshots below:
+
 
+
[[Image:gearFortiClient.png|600px]]
+
<br>
+
<br>
+
[[Image:Forti_with_dots_circled.png|600px]]
+
  
 
=Linux Setup=
 
=Linux Setup=
  
<br><b>Fortigate Supported Linux Distributions</b><br>
+
Please click [[Linux VPN Setup|here]] to visit the [[Linux VPN Setup]] page.
<p>If you are running Fedora, CentOS, or Ubuntu, please follow the instructions for installation at Fortigate's support site to install from their application repositories.</p>
+
<p>'''https://www.forticlient.com/repoinfo'''</p>
+
<p>Once installed, please configure according to the instructions starting at step 11) below.</p>
+
 
+
<br><b>Other Distributions</b><br>
+
<p>If you are running a different distribution Than the ones that Fortigate supports, you need the statically compiled version.  Instructions for installation are below.</p>
+
<p>Tested on Ubuntu 18.04.  The appearance of your windows may vary based on your system's configuration.</p>
+
<p><u>Note:</u> This procedure requires root privileges on the Linux workstation.</p>
+
 
+
===GUI Version===
+
<table border="1" cellspacing="0" cellpadding="2" width="1000">
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''1.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''1 -''' Download a copy of the Fortinet SSL VPN Client for Linux to your Computer: [https://uazips.sharepoint.com/:u:/s/software/EY0PAvQbx25ItyCRzFiqc9wBT9dIkBhpzmVDnA8vjJUzuw?e=3ftoOz Click Here to Download] </p>
+
  <p>'''2 -''' In the file manager, navigate to the folder containing this file.</p>
+
  <p>'''NOTE: ''' You will need to sign into Microsoft Online with your UAkron email and password in order to download the installer.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_1.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''2.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''Right click''' the archive and select '''Extract Here'''.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_2.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''3.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''Open''' the newly extracted folder.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_3.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''4.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Navigate to the '''forticlientsslvpn folder'''.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_4.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''5.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Navigate to the '''64bit''' folder if your machine has a 64-bit processor. If not, navigate to the '''32bit''' foklder.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_5.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''6.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Double click the '''forticlientsslvpn file'''.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_6.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''7.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Follow the prompts to grant privileges and accept the license agreement.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_7.png]]<p> </p>[[File:Linux_VPN_8.png]]<p> </p>[[File:Linux_VPN_9.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''8.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''1 -''' The first time you run the client, you must configure the profile.</p>
+
  <p>'''2 -''' Click on '''Settings'''.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_10.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''9.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>On the settings screen, click the '''+ button''' in the '''lower left corner''' to add a connection profile.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_11.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''10.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Configure the profile to connect to '''vpn.uakron.edu on port 443'''.</p>
+
  <p>'''NOTE:''' that the default is 10443, which is not correct.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_12.png]]</td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''11.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Click the '''create button'''. You now can select the newly created profile and '''connect with your UANET credentials'''. A successful connection will result in a window showing traffic flowing in each direction. </p>
+
  <p>'''NOTE:''' If presented with a certificate error, accept it to continue.</p>
+
  <p>For connections in the future, just double click the forticlientsslvpn file as above – you will not need to repeat the configuration process. You may wish to create a shortcut to this file in your launcher or desktop. The procedure for that varies by distribution.</p>
+
  </td>
+
  <td align="center" valign="center" width="151">[[File:Linux_VPN_13.png]]</td>
+
</tr>
+
</table>
+
 
+
===CLI Version===
+
<table border="1" cellspacing="0" cellpadding="2" width="800">
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''1.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''NOTE: ''' This method requires iproute (or iproute2) & ppp.</p>
+
  <p>With root privileges, copy '''Forticlient SSLVPN tarball''' to an appropriate location, such as '''/usr/local/sbin/'''.</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''2.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Change directory to location of tarball file and, with root privileges, '''extract Forticlient SSLVPN tarball''':</p>
+
  <p></p> 
+
  <p>'''cd /usr/local/sbin/'''</p>
+
  <p>'''tar -xvzf forticlientsslvpn_linux_version.tar.gz'''</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''3.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Change directory to the location of the setup script appropriate to your architecture (32-bit or 64-bit):</p>
+
  <p>'''cd forticlientsslvpn/64bit/helper/'''</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''4.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>With root privileges, run the setup script and accept the license:</p>
+
  <p>'''./setup.linux.sh'''</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''5.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>Change directory to the parent of the current directory,which in this case would be '''forticlientsslvpn/64bit/''':</p>
+
  <p>'''cd ../'''</p>
+
  <p>'''NOTE: Full path should be /usr/local/sbin/forticlientsslvpn/64bit/'''</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''6.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>With root privileges, run the GUI-based client to configure the VPN connection parameters:</p>
+
  <p>'''./forticlientsslvpn'''</p>
+
  <p>On the main screen, click the '''Settings''' button.</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''7.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>On the settings screen, '''click the + button''' at the bottom of the '''Connection Profiles column''' to create a new profile.</p>
+
  <p>In this case, the profile is simply named '''ua'''.</p>
+
  <p>'''Enter the following:'''</p>
+
  <p>    -The name or IP address of the VPN server - '''vpn.uakron.edu'''</p>
+
  <p>    -The port on which it is listening for connections - '''443'''</p>
+
  <p>    -Your '''UANet ID''' and '''password'''.</p>
+
  <p>Click '''Done''' and then '''quit the forticlientsslvpn application'''.</p>
+
  <p>'''Note:''' It seems to be a quirk of the application, but you must quit and restart it when you change settings, such as changing your password.</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''8.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>With root privileges, run the GUI-based client and click the '''Connect''' button.</p>
+
  <p>If all goes well, a connection status window should appear which will show that the tunnel is running.</p>
+
  <p>To disconnect, click the '''Stop''' button.</p>
+
  </td>
+
</tr>
+
 
+
<tr>
+
  <td valign="top" width="39"><p>'''9.)'''</p> </td>
+
  <td valign="top" width="600">
+
  <p>'''Note: '''You may want to configure a desktop shortcut to the forticlientsslvpn application. How this is done will depend on your desktop environment. Remember that the shortcut will need to run the application with root privileges.</p>
+
  <p>For example, in the Trinity Desktop Environment, the command tdesu followed by an executable application will prompt for the root password and then run the application with root privileges. The command which the desktop shortcut should run would be as follows:</p>
+
  <p>'''tdesu /usr/local/sbin/forticlientsslvpn/64bit/forticlientsslvpn'''</p>
+
  </td>
+
</tr>
+
</table>
+

Latest revision as of 20:50, 20 March 2020

What is a VPN

A Virtual Private Network (VPN) uses an existing internet connection to establish a direct link to the campus network. This can be useful for accessing resources that require a campus network connection.

The VPN that The University of Akron uses is FortiClient.


Download FortiClient

Note:
    - If you are using a University of Akron owned computer, FortiClient should already be installed and you do not need to download the client. If it is not, please contact the Help Desk.
    - If you are using a Mac OSX device and already have the FortiClient installed, attempting to install the client from the link above will result in a failure message "No updates found."  Ignore this message and use the FortiClient already installed on your computer.
    - The Installer can take a several minutes to install.  It is recommended that, if possible, you download, install, and test the FortiClient while on campus before you need it for remote access.


To download FortiClient please click the following link: https://uazips.sharepoint.com/sites/software/SitePages/Home.aspx

Windows Setup

(Forticlient is available with official support for Windows 7 or higher)

Please click here to visit the Windows VPN Setup page.

MacOS Setup

(Forticlient is available with official support for Mac OS v10.8 or higher.)

Please click here to visit the Mac VPN Setup page.

Linux Setup

Please click here to visit the Linux VPN Setup page.