How to setip ovpn client to replace forticlient lite SSL-VPN

This forum is for admins who are looking to build or expand their OpenVPN setup.

Moderators: TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech, TinCanTech

Forum rules
Please use the [oconf] BB tag for openvpn Configurations. See viewtopic.php?f=30&t=21589 for an example.
Post Reply
kayard
OpenVpn Newbie
Posts: 1
Joined: Sun Jan 27, 2013 12:57 pm

How to setip ovpn client to replace forticlient lite SSL-VPN

Post by kayard » Sun Jan 27, 2013 1:09 pm

Hi guys,

I'm new to OpenVPN and even though I have read the howtos on the web site I have to admit that I'm quite confused. Additionaly I didn't really knew where to post this on the forum so forgive me if this isn't the right subsection ...

by the way this is my question. I have windows8 and use forticlient lite client to connect to my company SSL-VPN when i need to work from home. Forticlient doen't ask me for anything except for server address, username, password and VPN type (i select ssl-vpn). I would like to replicate this with a openvpn client but i don't know how. I tried with the sample config changing server address and putting a server certificates that i was able to save when forticlient connects to the server but of course it doesn't work. any idea ? any suggestion ? the problem here is that forticlient doesn't ask for anithing so i don't know which parameters i have to put in the client config file ...

here is my tentative client config

Code: Select all

client
dev tap
;dev tun
dev-node OVPN
;proto tcp
proto udp
remote [server address] 443
;remote-random
resolv-retry infinite
nobind
;user nobody
;group nobody
;persist-key
;persist-tun
;http-proxy-retry # retry on connection failures
;http-proxy [proxy server] [proxy port #]
;mute-replay-warnings
auth-user-pass
ca "C:\\Program Files\\OpenVPN\\config\\ca.crt"
;cert client.crt
;key client.key
;ns-cert-type server
;tls-auth ta.key 1
;cipher x 
;comp-lzo
verb 5
;mute 20
thanks for any help
PS: sorry for my english
Paolo
Italy

rund
OpenVpn Newbie
Posts: 1
Joined: Mon Mar 21, 2022 6:53 pm

Re: How to setip ovpn client to replace forticlient lite SSL-VPN

Post by rund » Mon Mar 21, 2022 6:57 pm

Hi,
I have the exact same question.
My VPN connection works using FortiClient VPN, but I couldn't find a working setup for openVPN (Securepoint SSL VPN).
With openVPN/Securepoint SSL VPN I always get instant TCP connection resets, while FortiClient VPN is running TCP with no problems.

FortiClient VPN destroys my routing table, I want to configure routing by myself instead. Also FortiClient is requiring to much system ressources compared to openVPN.

Thanks/regards,
rund

User avatar
openvpn_inc
OpenVPN Inc.
Posts: 1332
Joined: Tue Feb 16, 2021 10:41 am

Re: How to setip ovpn client to replace forticlient lite SSL-VPN

Post by openvpn_inc » Tue Mar 22, 2022 4:13 pm

Hi rund,

I am not familiar with these products. Contact their vendors for support. I bet they don't want you switching to a generic openvpn client, and they may have done something deliberate to prevent that. Perhaps something at the firewall level is detecting that you're not using their designated client, then sending a TCP reset to your client.

Seems strange (perhaps clueless) that they would be using TCP for openvpn. You can find plenty of documentation all over openvpn.net and the community wiki about why that is not recommended.

You might also want to ask your VPN administrator for help. If you can't get help from the vendor and your admin, try comparing some tcpdump(8) packet captures of both successful and broken client connections. But that will not work, if, as I suspect, something is being done inside the encrypted tunnel to trigger the firewall.

If they have patched the openvpn source code to do this, ask for the source code. If they refuse, that would be a GPL violation, and we might be interested in initiating enforcement action.

regards, rob0
Image OpenVPN Inc.
Answers provided by OpenVPN Inc. staff members here are provided on a voluntary best-effort basis, and no rights can be claimed on the basis of answers posted in this public forum. If you wish to get official support from OpenVPN Inc. please use the official support ticket system: https://openvpn.net/support

marcolopes
OpenVpn Newbie
Posts: 1
Joined: Wed Oct 30, 2024 8:44 pm

Re: How to setip ovpn client to replace forticlient lite SSL-VPN

Post by marcolopes » Wed Oct 30, 2024 8:47 pm

kayard wrote:
Sun Jan 27, 2013 1:09 pm
by the way this is my question. I have windows8 and use forticlient lite client to connect to my company SSL-VPN when i need to work from home. Forticlient doen't ask me for anything except for server address, username, password and VPN type (i select ssl-vpn). I would like to replicate this with a openvpn client but i don't know how. I tried with the sample config changing server address and putting a server certificates that i was able to save when forticlient connects to the server but of course it doesn't work. any idea ? any suggestion ? the problem here is that forticlient doesn't ask for anithing so i don't know which parameters i have to put in the client config file ...
I have the same question...

Any luck with this?

I refuse to use the Forticlient VPN... seems very clumsly and i had problems installing it (doesen't even download from the servers)

I was looking for a way to use OpenVPN instead!

Post Reply