This document is a WORK IN PROGRESS.
This is just a quick personal cheat sheet: treat its contents with caution!
OpenFortiVPN¶
OpenFortiVPN is a client for PPP + SSL VPN tunnel services. It spawns a pppd
(PPP daemon) process
and operates the communication between the gateway and this process.
It is compatible with Fortinet VPNs.
Reference(s)
Table of contents¶
Install¶
A correct kernel config is needed:
The following kernel modules are needed: - CONFIG_PPP - CONFIG_PPP_ASYNC - CONFIG_PPP_SYNC_TTY - CONFIG_PPP_DEFLATE - CONFIG_PPP_BSDCOMP - CONFIG_PPP_MPPE - CONFIG_PPPOE
Warning
After configuring the kernel don't forget to do a kernel make and rebuild!
Use¶
-
Simply connect to a VPN:
-
Connect to a VPN using an authentication realm:
-
Store password securely:
-
Don't set IP routes and don't add VPN name servers to
/etc/resolv.conf
: -
Using a configuration file:
With /etc/openfortivpn/my-config
containing:
host = vpn-gateway
port = 8443
username = foo
set-dns = 0
pppd-use-peerdns = 0
# X509 certificate sha256 sum, trust only this one!
trusted-cert = e46d4aff08ba6914e64daa85bc6112a422fa7ce16631bff0b592a28556f993db
- For the full list of config options, see the CONFIGURATION section of:
If this cheat sheet has been useful to you, then please consider leaving a star here.