Try the brand-new open-source OpenFortiGUI as replacement for the Forticlient.
Forticlient – SSLVPN is a VPN Client to connect to Fortigate Devices with minimal effort, packaged here for Ubuntu and Debian.
Officially there is only a generic tar.gz package available. As I use Ubuntu most the time, I decided to build .deb packages for 32/64bit Ubuntu with a nice desktop icon to start : )
This packages should also work on debian, but i did not test this on myself now (will follow).
For upgrades just download the new package and install it, the package manager will do the upgrade for you.
I will share my packages here for you to download:
Update 14.4.2017 (build on Ubuntu 16.04):
Since version 4.4.2327-2 builds are generated on Ubuntu 16.04.
Forticlient SSLVPN 4.4.2333-1 32bit
Forticlient SSLVPN 4.4.2333-1 64bit
Old versions (build on Ubuntu 16.04):
Forticlient SSLVPN 4.4.2332-1 32bit
Forticlient SSLVPN 4.4.2332-1 64bit
Forticlient SSLVPN 4.4.2331-1 32bit
Forticlient SSLVPN 4.4.2331-1 64bit
Forticlient SSLVPN 4.4.2330-1 32bit
Forticlient SSLVPN 4.4.2330-1 64bit
Forticlient SSLVPN 4.4.2329-1 32bit
Forticlient SSLVPN 4.4.2329-1 64bit
Forticlient SSLVPN 4.4.2327-2 32bit
Forticlient SSLVPN 4.4.2327-2 64bit
Old versions (build on Ubuntu 14.04):
Forticlient SSLVPN 4.4.2327 32bit
Forticlient SSLVPN 4.4.2327 64bit
Forticlient SSLVPN 4.4.2325 32bit
Forticlient SSLVPN 4.4.2325 64bit
Forticlient SSLVPN 4.4.2323 32bit
Forticlient SSLVPN 4.4.2323 64bit
Forticlient SSLVPN 4.4.2317 32bit
Forticlient SSLVPN 4.4.2317 64bit
Forticlient SSLVPN 4.4.2313 32bit
Forticlient SSLVPN 4.4.2313 64bit
Forticlient SSLVPN 4.4.2312-3 32bit
Forticlient SSLVPN 4.4.2312-3 64bit
Legacy version (works with Ubuntu < 15.04):
Forticlient SSLVPN 4.4.2312 32bit
Forticlient SSLVPN 4.4.2312 64bit
Forticlient SSLVPN 4.4.2307 32bit
Forticlient SSLVPN 4.4.2307 64bit
Forticlient SSLVPN 4.4.2303 32bit
Forticlient SSLVPN 4.4.2303 64bit
Obrigado amigo ! from Brazil !
When installing on 12.04 i get dependency error:
“Dependency not satisfiable: libpango-1.0.0”
On 12.04, the package name is libpango1.0.0 not libpango-1.0.0
Any idea how to fix this issue?
sudo apt-get install -f
Did you finally got a helpful answer? I am stuck with the same problem.
Thanks,
Jon
Hi!
It works great on Linux Mint too.
Thanks a lot!
Confirmation: new version (Forticlient SSLVPN 4.4.2313 64bit) works in Ubuntu 15.04
Best regards.
From Argentina, It works for me. thanks a lot. I use linux mint 17 64b
Works on Debian 8 Jessie (its actually testing) 64 bit.
It also work on Mint 17, YEAH! Thank you.
Worked for me on debian wheezy after forcing the install because of the error mentioned above:
“The package calls for libpango-1.0-0, yet Debian Stable only provides libpango1.0-0 You have the correct name, but Debian hasn’t caught up yet.”
For debians new stable (jessie) it should be fine I guess.
Hi,
oh, sorry for that inconvenience. I just did “copy & paste” and it was late already 😀
As that i released it as beta, i will fix this issues and release a new package soonest.
Thanks Giovanni for your support.
Rene
Ti,
I tested the new patch on Ubuntu 14.10 and is working fine too. So I think the last patch is ok for all Ubuntu version from 14.04 to 15.04
Hi Ti
wordpress converts the double quotes in a wrong way, so please refer to the quotes of the original grep “inet” syntax to fix the package.
Giovanni
Hi Ti,
I tried the new .deb package for 15.04 for 64bit (Forticlient SSLVPN 4.4.2312-2 64bit) and is not working.
Is not working because the patched sysconfig.linux.sh inside 64bit/helper/ dir contains the wrong doble quotes around the brd word.
In your script is:
grep “brd”
and shall be:
grep “brd”
I tested the new package on Ubuntu 14.04 (not in 14.10 because is not booting in VirtualBox) and I found that the right grep word to use to have the new package working in 14.04 (and 14.10 too probably) is “peer”.
So the right patch is to change line 66 of sysconfig.linux.sh as follow:
addr=`ip addr show $ifn | grep “inet” | grep “peer” | tr ‘/’ ‘ ‘ | awk ‘{ print $2 }’`
This is tested and working on Ubuntu 14.04 and 15.04 64bit (32bit is the same).
I noticed that the 32bit package for 15.04 is not patched so please include the fix in 32bit/helper/sysconfyg.linux.sh file.
Last. The 32bit/ dir is inside 64bit package too; can be removed or just patch the script inside 32bit dir too.
Tks again
Giovanni
Okay, that script part was already once a problem in a former release of forticlient ssl-vpn. We contacted fortinet about the problem and they made the fix then in their official files available.
I will contact Fortinet again, so we will have a clean release with that adjustment. Maybe i will release a special Package for Ubuntu 15.04, please be patient.
Cheers
Rene
@Giovanni Mellini
Thanks for the patch. Now all works in 15.04 again.
Hi,
First of all tks for packaging the FortiClient 🙂
I just upgraded to Ubuntu 15.04 today and noticed that the FortiClient was not working.
I did a bit of search in the code and found where the problem is and tested a patch against your last package (forticlient-sslvpn_4.4.2312-1_amd64.deb).
Follow the patch, that is for sysconfig.linux.sh file (both in 32 and 64bit dir):
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$ diff -u sysconfig.linux.sh.SAVE sysconfig.linux.sh
— sysconfig.linux.sh.SAVE 2015-04-25 08:01:16.993683848 +0200
+++ sysconfig.linux.sh 2015-04-25 15:06:41.236863760 +0200
@@ -62,7 +62,7 @@
ifn=`route -n|grep “^1.1.1.1″|awk ‘{print $8}’`
echo “interface $ifn” >> “$base/forticlientsslvpn.log”
-addr=`ip addr show $ifn | grep “inet” | tr ‘/’ ‘ ‘ | awk ‘{ print $2 }’`
+addr=`ip addr show $ifn | grep “inet” | grep “brd” | tr ‘/’ ‘ ‘ | awk ‘{ print $2 }’`
echo “address $addr” >> “$base/forticlientsslvpn.log”
echo “delete route 1.1.1.1” >> “$base/forticlientsslvpn.log”
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$
As you can see the only thing to do is to add the
grep “brd” |
after
grep “inet” |
on row 65 of the script.
The problem is the following with Ubuntu 15.04
After the connection goes up and ppp0 interface is created (A.B.C.D is the IP address of SSL gateway)
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$ ip addr show ppp0
13: ppp0: mtu 1354 qdisc pfifo_fast state UNKNOWN group default qlen 3
link/ppp
inet A.B.C.D peer 1.1.1.1/32 scope global ppp0
valid_lft forever preferred_lft forever
inet A.B.C.D/32 brd A.B.C.D scope global ppp0
valid_lft forever preferred_lft forever
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$
the script execute the following command (line 65) and store the output in $addr var:
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$ ip addr show ppp0 | grep “inet” | tr ‘/’ ‘ ‘ | awk ‘{ print $2 }’
A.B.C.D
A.B.C.D
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$
as you can see with 15.04 you receive a double IP in 2 rows.
After that the script fails on line 98 while executing
route -n add default gw $addr
because $addr is a multi line value and we see in the log the error reported in some comment:
SIOCADDRT: No such device
After the patch the command executed is the following:
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$ ip addr show ppp0 | grep “inet” | grep “brd” | tr ‘/’ ‘ ‘ | awk ‘{ print $2 }’
A.B.C.D
gmellini@jellyfish:/opt/forticlient-sslvpn/64bit/helper$
and the $addr var is now ok. Everything works fine 🙂
I didn’t tested the patch in older Ubuntu version (14.10 or 14.04) where the original script where working but I’m pretty sure it’s ok, because the brd key is every time here.
So can someone else test and if possible can you repackage your .deb with the patch included?
Tks
Giovanni
Thank you very much for these packages.
IWorked like a charm in Ubuntu 14.10, but I just installed Ubuntu 15.04 (final release) and doesn’t work; it connects to tunnel but it doesn’t work at all…
Hope there will be a new forticlient release soon…
Thanks and best regards.
Hi,
I do not modify the original files provided by fortinet, i just build the “easy2go” .deb package arround it. If you want to modify some files, please do after installation or use the original package from fortinet.
I always use the latest original package provided by fortinet in their support area, you need an account to access it. But there are also plenty of other sites hosting this files. The official site http://forticlient.com should also provide the clients.
Fortinet does not provide client for linux.
Hi,
but he sad … forum.fortinet.com/tm.aspx?m=122598 that there is
Of course there is, my package is based on that.
There is even a opensource version in development: https://github.com/adrienverge/openfortivpn
Keep in mind this is CLI only.
Great! opensource is allway the best way!
Hi! Where we can download the original (upstream) files from?
Installed and working on LinuxMint 17.1 (rebecca), thanks!
I suggest modifying the cleanup.linux.sh.
Ubuntu’s /etc/resolv.conf file is a symbolic link to /run/resolvconf/resolv.conf so change it to:
mv -f “$base/resolv.conf.backup” /run/resolvconf/resolv.conf
I think it’s better this way:
replace
mv -f "$base/resolv.conf.backup" /etc/resolv.confwith
cat "$base/resolv.conf.backup" > /etc/resolv.confso it doesn’t matter if the target is a link or not
I made new packages
https://dl.dropboxusercontent.com/u/14120212/forticlient-sslvpn_4.4.2312-4_amd64.deb
https://dl.dropboxusercontent.com/u/14120212/forticlient-sslvpn_4.4.2312-4_i386.deb
Me and my colleagues are very happy! Just click and play! Great.
Dude You are the best …. Thanks a lot
Thanks for the information, lets see if i can investigate this further. But first i need to install Debian 🙂
Many thanks for this! However, with regards to Debian support, install seems to fail on Debian Wheezy.
The package calls for libpango-1.0-0, yet Debian Stable only provides libpango1.0-0 You have the correct name, but Debian hasn’t caught up yet.
Interesting, i didnt try it with Ubuntu 15.04 now. But as Ubuntu 15.04 final isnt released now it can be a bug there or in the SSL-VPN Binaries. Lets wait for the final Ubuntu 15.04 release, then we can test again and in case report it to the Fortinet Support Team.
This is super awesome, but isn’t working in Ubuntu 15.04. I think there’s a problem with the way the setup script tries to add a route, because the log shows an error:
route -n add -net 192.168.XXX.XXX netmask 255.255.255.0 gw 10.212.XXX.XXXSIOCADDRT: No such device
Manually adding a route (using sudo and the above command in a terminal) appears to make it all work.
Man you deserve more than a beer, you deserve a bottle of vodka, thanks so much
Amazing!!!! thanks dude!
Man, you deserve a beer! Thank you very much!
I’ll pay you a beer. No more need to install complete “ia32-libs” to make this piece of software run.
Works great on debian Jessie, thank you very much!
This is great! Only problem is that it’s tiny on my HiDPI sreen. If it would be possible to resize the windows that would do it.
Hy !
I have a Ubuntu 16.04 LTS and I try different version for my version but is not working….It apper a message that say …Waiting to install….and it’s stop.
If you have any suggestion…..thank you very much
try it on the command-line using apt/apt-get/gdebi/dpkg?
https://superuser.com/questions/196864/how-to-install-local-deb-packages-with-apt-get/698249
Thank you it’s work great on Ubuntu Focal fossa