tfe Homepage


Fortinet IPSEC on Linux with Strongswan and Swanctl

After a lot of tries, i have finally achieved connecting to a Fortinet IPSEC VPN network on my Linux (Debian).

Here are the quik steps you should follow in order to have it working too:

    Install the packages strongswan + strongswan-charon + strongswan-swanctl

    $ apt-get install strongswan strongswan-charon strongswan-swanctl

    Check a working installation of  Fortinet  client, in order to check what are the parameters you actually need

    Create the file in /etc/swanctl/conf.d/vpn.conf (Check sample)

    Update the content of the file /usr/lib/ipsec/_updown (Check sample)

    Load the configuration:

 $ swanctl --load-all

    Initiate the VPN connection

    $ swanctl --initiate --child MYVPN    

    Check the VPN status

    $ swanctl --list-sas    

    When done using the VPN: kill the connection:

    $ swanctl --terminate --ike MYVPN