OpenFortiGui and OpenFortiVPN on Ubuntu 18.04

OpenFortiVPN is a client for PPP+SSL VPN tunnel services, which is compatible with Fortinet VPNs. OpenFortiGUI is a graphical user interface to connect to handle OpenFortiVPN connections.

To install OpenFortiGUI on Ubuntu 18.04 Bionic Beaver:

sudo apt-get install apt-transport-https ca-certificates curl 
                     gnupg-agent software-properties-common
sudo apt update
echo 'deb https://apt.iteas.at/iteas bionic main' | \
  sudo tee /etc/apt/sources.list.d/iteas.at.list
sudo apt-get install openfortigui

sudo apt-get install apt-transport-https ca-certificates curl

gnupg-agent software-properties-common

sudo apt update

echo 'deb https://apt.iteas.at/iteas bionic main' | \

sudo tee /etc/apt/sources.list.d/iteas.at.list

sudo apt-get install openfortigui

After launching OpenFortiGUI, you can add a new VPN by clicking the Add button in the toolbar.

Alternatively, you can run an OpenFortiVPN socks5 proxy from the command line using the Docker image myon/fortivpn-socks5:

docker container run --rm
                     --cap-add=NET_ADMIN
                     --device=/dev/ppp
                     -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro
                         myon/fortivpn-socks5

docker container run --rm

--cap-add=NET_ADMIN

--device=/dev/ppp

-v $PWD/eurecat.conf:/etc/openfortivpn/config:ro

myon/fortivpn-socks5

(assuming the configuration file is in the current directory and it is called config)

The configuration file config contains the following:

### config file for openfortivpn, see man openfortivpn(1) ###
host = vpn.example.com
port = 1443
username = <my_user>
password = <my_password>
trusted-cert = <my_trusted_cert>

### config file for openfortivpn, see man openfortivpn(1) ###

host = vpn.example.com

port = 1443

username = <my_user>

password = <my_password>

trusted-cert = <my_trusted_cert>

When you launch the container you get:

$ docker container run --rm 
                       --cap-add=NET_ADMIN
                       --device=/dev/ppp
                       -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro
                         myon/fortivpn-socks5
http/socks5 proxy server: 172.17.0.2:8443
INFO: Connected to gateway.
INFO: Authenticated.
INFO: Remote gateway has allocated a VPN.
Using interface ppp0
Connect: ppp0 <--> /dev/pts/0
INFO: Got addresses: [10.212.132.10], ns [172.20.46.253, 172.20.46.248]
INFO: negotiation complete
INFO: negotiation complete
local IP address 10.212.132.10
remote IP address 192.0.2.1
INFO: Interface ppp0 is UP.
INFO: Setting new routes...
INFO: Adding VPN nameservers...
INFO: Tunnel is up and running.