Geek Answers Handbook

How to remember a password in FortiClient VPN?

The latest version of FortiClient asks me about my password every time. How can I make a program remember it and who is facing a similar problem?

Anyone have a solution?

+6
source share
4 answers

According to the official documentation, β€œ How to Activate Save Password, Auto Connect and Always Up in FortiClient, ” the availability of this (and some others) is determined by the server administrator using the set save-password enable configuration setting.

Currently, you can override this by changing the show_ * parameters in the registry; In particular, HLKM\Software\Wow6432Node\Fortinet\Forticlient\sslvpn\<name>\show_remember_password = 1
Then, if during the login the β€œsave password” is checked, the client will encrypt the password in the DATA1 and DATA2 values, and even if the server can hide these flags again, the saved password will remain. To clear it, edit the connection settings and return auth back to "Login Request".

EDIT: As Igor said six months later, a much more structured solution is to export the configuration file, modify it, and then upload it back. There are various useful settings that you can customize. You can also reuse the configuration file when deploying to multiple hosts or reinstalling.

+12
source
  • Open the FortiClient Console.
  • Click the Backup button in the "System" section.
  • Save the configuration in vpn.conf file (no password).
  • Open vpn.conf in a text editor.
  • Find the line: <show_remember_password>0</show_remember_password>
  • Change to: <show_remember_password>1</show_remember_password>
  • Save changes.
  • Click the Restore button in the System section of the FortiClient console.
  • Select the modified vpv.conf file. Now you can select the Save Password check box, and you can save your password.
+5
source

I had the same issue on OSX (Sierra) using Forticlient 5.4.1. I finished editing the following file: [Maybe in a different place for you, depending on how the application was installed - look at the long answer below if it does not exist]

 sudo vim /Library/Application\ Support/Fortinet/FortiClient/conf/vpn.plist

To change the following two zeros to ones:

 ... <dict> <key>YOUR_VPN_CONNECTION_NAME_HERE</key> <dict> <key>AllowAutoConnect</key> <integer>1</integer> <key>AllowKeepRunning</key> <integer>0</integer> <key>AllowSavePassword</key> <integer>1</integer> ...

Save, and then just open it again, and the checkboxes for saving will be available now, unlike the previous ones.

You can also use the same thing to save some vpn settings for automatic machine deployment using a script (instead of manual settings for each user).

For those I found, it was simple:

  • Open the Forticlient Console

  • In the terminal run "sudo opensnoop | grep Forti"

  • In the forticlient console, quickly add a new vpn

  • (CNTl-C) and then search through

  • The file above was the most obvious, and one quick scan showed a good forecast.

  • Change as above and it works.

+4
source

For Linux, you can use forticlientsslvpn_cli with Expect to provide a password.

The complete solution is available here:

https://gist.github.com/azizasm/e216bc47b54f5b68405f3c8f8b832e8a

Note. This solution will automatically connect if the VPN disconnects.

0
source

More articles:


All Articles