OpenFortiGui and OpenFortiVPN on Ubuntu 18.04

OpenFortiVPN is a client for PPP+SSL VPN tunnel services, which is compatible with Fortinet VPNs. OpenFortiGUI is a graphical user interface to connect to handle OpenFortiVPN connections.

To install OpenFortiGUI on Ubuntu 18.04 Bionic Beaver:

sudo apt-get install apt-transport-https ca-certificates curl 
                     gnupg-agent software-properties-common
sudo apt update
echo 'deb https://apt.iteas.at/iteas bionic main' | \
  sudo tee /etc/apt/sources.list.d/iteas.at.list
sudo apt-get install openfortigui

sudo apt-get install apt-transport-https ca-certificates curl

gnupg-agent software-properties-common

sudo apt update

echo 'deb https://apt.iteas.at/iteas bionic main' | \

sudo tee /etc/apt/sources.list.d/iteas.at.list

sudo apt-get install openfortigui

After launching OpenFortiGUI, you can add a new VPN by clicking the Add button in the toolbar.

OpenFortiGUI Add VPN Dialog

Alternatively, you can run an OpenFortiVPN socks5 proxy from the command line using the Docker image myon/fortivpn-socks5:

docker container run --rm
                     --cap-add=NET_ADMIN
                     --device=/dev/ppp
                     -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro
                         myon/fortivpn-socks5

docker container run --rm

--cap-add=NET_ADMIN

--device=/dev/ppp

-v $PWD/eurecat.conf:/etc/openfortivpn/config:ro

myon/fortivpn-socks5

(assuming the configuration file is in the current directory and it is called config)

The configuration file config contains the following:

### config file for openfortivpn, see man openfortivpn(1) ###
host = vpn.example.com
port = 1443
username = <my_user>
password = <my_password>
trusted-cert = <my_trusted_cert>

### config file for openfortivpn, see man openfortivpn(1) ###

host = vpn.example.com

port = 1443

username = <my_user>

password = <my_password>

trusted-cert = <my_trusted_cert>

When you launch the container you get:

$ docker container run --rm 
                       --cap-add=NET_ADMIN
                       --device=/dev/ppp
                       -v $PWD/eurecat.conf:/etc/openfortivpn/config:ro
                         myon/fortivpn-socks5
http/socks5 proxy server: 172.17.0.2:8443
INFO: Connected to gateway.
INFO: Authenticated.
INFO: Remote gateway has allocated a VPN.
Using interface ppp0
Connect: ppp0 <--> /dev/pts/0
INFO: Got addresses: [10.212.132.10], ns [172.20.46.253, 172.20.46.248]
INFO: negotiation complete
INFO: negotiation complete
local IP address 10.212.132.10
remote IP address 192.0.2.1
INFO: Interface ppp0 is UP.
INFO: Setting new routes...
INFO: Adding VPN nameservers...
INFO: Tunnel is up and running.