Authentication using Pre-Shared Key?

This issue has been created since 2021-04-23.

Hello, this is a question.

Is there a way to use pre-shared key authentication? I have received my vpn credentials (username / password / PSK) for a project I work, together with the instructions. But the instructions are for Windows, and I don't want to switch to Windows. The Windows program for Forticlient VPN provides the authentication method Pre-shared key.

Also, there seems to be a recent question posted on Server Fault, which, unfortunately, has 2 downvotes (at the time of writing).

I don't think it matters, but I'm running Manjaro 21 with 5.11 kernel.

Thank you.

DimitriPapadopoulos wrote this answer on 2021-04-23

The Windows client often relies on IPSec. The Linux client relies on SSL. So one question is whether your VPN gateway supports VPN SSL or not.

The ServerFault question has been downvoted because it is way too vague: no error messages, nothing actionable:

  • Where did you download FortiClient from?
  • How did you install it?
  • How are you unable to run it. Any error messages? Logs? Screen capture?
DimitriPapadopoulos wrote this answer on 2021-04-23

From openfortivpn --help:

  -u <user>, --username=<user>  VPN account username.
  -p <pass>, --password=<pass>  VPN account password.
  --user-key=<file>             Use specified PEM-encoded key if the server requires
                                authentication with a certificate.
DimitriPapadopoulos wrote this answer on 2021-04-26

@reloadedd Did he above suggestions help?

reloadedd wrote this answer on 2021-04-27

Sorry for the late response.

I've spoke with the project supervisor about this and told him that the Windows client relies on IPSec, while the Linux one on SSL. His response was that is possible to connect to the VPN on Linux with IPSec. From what I understood from your response, this is not possible with openfortivpn.

Today I should have a talk with him and help me configure the VPN for Linux. This is why I've delayed my response.

Thank you.

DimitriPapadopoulos wrote this answer on 2021-04-27

Exactly, it is possible to connect with IPsec from Linux, but neither with openfortivpn nor the official FortClient. To connect with IPsec, you need to configure the IPsec stack yourself. The details depend on the Linux distribution (mostly the strongSwan version but perhaps not only) and the VPN gateway. As an example, a colleague of mine had provided a recipe for Ubuntu 14.04 or 16.04 which stopped working with Ubuntu 16.04 or 18.04.

Here are a few links found with keywords Linux IPSec configure Fortinet:

Feel free to reopen if you're interested in VPN SSL as opposed to VPN IPsec.

More Details About Repo
Owner Name adrienverge
Repo Name openfortivpn
Full Name adrienverge/openfortivpn
Language Perl
Created Date 2015-01-26
Updated Date 2022-09-28
Star Count 1885
Watcher Count 49
Fork Count 272
Issue Count 79

YOU MAY BE INTERESTED

Issue Title Created Date Comment Count Updated Date
Demo Broken: Invalid Hermes Start Command 1 2021-06-07 2022-09-20
NEST: add unit tests 0 2022-09-12 2022-09-14
feat: add user-based auto-complete endpoint 0 2022-09-12 2022-09-14
Biome Extracts Not Working As Intended 1 2020-12-30 2022-07-29
browser management 2.0 0 2022-03-29 2022-09-20
[Qualify of Life] re-releasing 3.0.0 beta 3.2 1 2022-03-06 2022-07-15
[BUG] error message in output.log when logo not found / no logo available 8 2022-04-15 2022-09-24
Platfromio serialudpi 2 2021-12-29 2022-08-19
Appears who is the signer has no effect 1 2021-10-18 2022-08-13
support auto on-demand Import? 0 2021-11-29 2022-09-10
Software EV signing token 1 2022-09-08 2022-09-16
[Regression] SPLATTERHOUSE [BLUS30335] can no longer boot becuase of HDD full message 1 2021-11-02 2022-08-03
Getting error while running custom login page 1 2021-04-25 2022-09-15
Documentation 11 2019-09-20 2022-01-20
Could anyone share an own-deployed working instance please? 0 2021-08-28 2022-08-14
Incompatible with sodium `0.4.0-alpha6+build.12` 5 2022-01-14 2022-09-12
FEAT: Use black formatting 1 2022-05-02 2022-09-25
stod causes access violation error 0 2022-03-10 2022-07-21
Why is there a second plot in the animation? 2 2021-12-21 2022-09-08
提示缺少"google-services.json" 0 2021-10-12 2021-12-18
使用分页 select 时, 无默认列表选项, 只能通过搜索获取列表 5 2022-04-15 2022-09-27
Instrument the `mongodb_metrics` source with event processing metrics 0 2021-11-17 2022-07-26
Instrument the `host_metrics` source with event processing metrics 0 2021-11-17 2022-09-14
Instrument the `internal_logs` source with event processing metrics 0 2021-11-17 2022-07-22
Instrument the `nats` source with event processing metrics 0 2021-11-17 2022-09-03
Instrument the `kubernetes_logs` source with event processing metrics 0 2021-11-17 2022-07-24
Instrument the `internal_metrics` source with event processing metrics 0 2021-11-17 2022-07-14
Doctrine\ODM\MongoDB\Tools\Console\Command\Schema\ValidateCommand marks each mapping got issues 0 2021-02-25 2022-09-25
Unit test crash with OL 6.8.1 legacy build 2 2021-10-01 2022-09-07
realme xt boot.img destroyed 1 2021-11-05 2022-09-12
[Feature] [UI] Do not display 0 count badges on the performer tab 2 2022-03-27 2022-09-02
Command block executing carpet mod command `script run game_tick()` crashes game if Lithium is installed 1 2021-06-08 2022-09-15
Edge agent does not work when the portainer server is accessed through a CNAME record 3 2022-07-28 2022-09-27
Nothing happens when trying to paste one deleted disk 2 2021-09-22 2022-08-30
Combine + MVVM help 4 2021-06-23 2022-01-17
Tenants Disk Ressource Limitation 0 2022-08-30 2022-09-12
Is it possible to align the Resource shortnames with MS abbreviations 3 2022-03-22 2022-09-08
Links fail when only one feature is selected 1 2021-03-04 2022-09-13
Create new github release matching spec's changelog version 3 2021-11-23 2022-09-03
Release Tagging lax 0 2021-11-23 2021-12-30
IFaxAccountNotify and IFaxServerNotify2 are fake interfaces 0 2022-08-05 2022-08-24
typing.final supports properties 1 2021-08-30 2022-09-27
command "spellright.*" not found 26 2017-09-18 2022-07-26
ERROR: libvmaf >= 1.3.9 not found using pkg-config 2 2021-02-22 2022-09-07
[CoE Starter Kit - BUG] How to update URLs in Command Center (for renamed environment) 3 2022-07-14 2022-09-27
Move `host filtering` to a tower layer 1 2022-08-30 2022-09-21
Exceptions inside "module" scripts does not stop 1 2021-07-20 2022-09-14
kratos-client (typescript): Deprecated axios dependency => Severe Vulnerability Issues with current npm package 7 2021-02-02 2022-09-04
Resetting user authentication state; forgetting "Hide my email" 2 2020-09-24 2022-09-13
Image classification training fails when first label contains more than 10000 images 11 2022-04-19 2022-09-18