OpenFortiVPN is a client for PPP+SSL VPN tunnel services, which is compatible with Fortinet VPNs. OpenFortiGUI is a graphical user interface to connect to handle OpenFortiVPN connections.
To install OpenFortiGUI on Ubuntu 18.04 Bionic Beaver:
|
1 2 3 4 5 6 |
sudo apt-get install apt-transport-https ca-certificates curl gnupg-agent software-properties-common sudo apt update echo 'deb https://apt.iteas.at/iteas bionic main' | \ sudo tee /etc/apt/sources.list.d/iteas.at.list sudo apt-get install openfortigui |
After launching OpenFortiGUI, you can add a new VPN by clicking the Add button in the toolbar.
OpenFortiGUI Add VPN Dialog
Alternatively, you can run an OpenFortiVPN socks5 proxy from the command line using the Docker image myon/fortivpn-socks5:
|
1 2 3 4 5 |
docker container run --rm --cap-add=NET_ADMIN --device=/dev/ppp -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro myon/fortivpn-socks5 |
(assuming the configuration file is in the current directory and it is called config)
The configuration file config contains the following:
|
1 2 3 4 5 6 |
### config file for openfortivpn, see man openfortivpn(1) ### host = vpn.example.com port = 1443 username = <my_user> password = <my_password> trusted-cert = <my_trusted_cert> |
When you launch the container you get:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 |
$ docker container run --rm --cap-add=NET_ADMIN --device=/dev/ppp -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro myon/fortivpn-socks5 http/socks5 proxy server: 172.17.0.2:8443 INFO: Connected to gateway. INFO: Authenticated. INFO: Remote gateway has allocated a VPN. Using interface ppp0 Connect: ppp0 <--> /dev/pts/0 INFO: Got addresses: [10.212.132.10], ns [172.20.46.253, 172.20.46.248] INFO: negotiation complete INFO: negotiation complete local IP address 10.212.132.10 remote IP address 192.0.2.1 INFO: Interface ppp0 is UP. INFO: Setting new routes... INFO: Adding VPN nameservers... INFO: Tunnel is up and running. |
where 172.17.0.2 is the IP address of the container.
The header images is Virtual Private Network (VPN) by Richard Patterson via Flickr, released under a Creative Commons Attributions 2.0 (CC-BY 2.0) license.
