Connecting to a FortiGate SSL VPN using Fedora 24


OpenFortiGUI is an open-source VPN client for connecting to Fortigate VPN hardware. It is based on openfortivpn and adds an easy-to-use GUI on top of it, written in Qt5.

Unlike other VPN clients it can also connect to multiple VPN destinations simultaneously. It is a replacement for the closed-source FortiClient SSLVPN client.

Important: Since version 0.2.12 the encoding of AES-encrypted passwords has changed because of a change in the upstream AES library. You must reset the passwords of all your VPN profiles for them to work again; sorry for the inconvenience.

Features include:

  • Qt5 GUI, based on 5.5
  • openfortivpn library built in, no separate download required
  • All settings saved in text files, so they are easy to share; passwords are saved AES-encrypted (the key can be defined as needed). Because the client must hold that key to decrypt the password and connect, treat this as protection against casual reading of the files, not against someone who can read your whole profile directory.
  • VPNs divided into local and global sections (the global section is read-only, useful for deployments to many users)
  • VPN groups can be defined to start groups of VPNs at the same time
  • Tray icon with fast access to start/stop VPNs and groups
  • Multiple VPN connections possible simultaneously
  • Certificate and user/password authentication supported
  • English and German language
  • Source:

Prebuilt packages are available for the following distributions:

Ubuntu 16.04 (last update 19.08.2017):

OpenFortiGUI 0.3.3 32bit
OpenFortiGUI 0.3.3 64bit

Debian 9 (last update 19.08.2017):

OpenFortiGUI 0.3.3 64bit

You can also use our apt mirror; for instructions see:

Quick instructions to build from source:

  1. Install the development tools (on Ubuntu: build-essential, qt5-default, libssl-dev)
  2. git clone
  3. cd openfortigui && git submodule init && git submodule update
  4. cd qtinyaes && git submodule init && git submodule update
  5. cd .. && qmake && make -j8
  6. The openfortigui binary is ready

Used software/libraries/resources:

Running from the command line:

sudo openfortivpn [<host>[:<port>]] [-u <user>] [-p <pass>]
  [--realm=<realm>]           optional
  [--no-routes]               optional: do not install the routes pushed by the gateway
  [--no-dns]                  optional: do not touch /etc/resolv.conf
  [--pppd-no-peerdns]         optional
  [--pppd-log=<file>]         optional
  [--pppd-plugin=<file>]      optional
  [--ca-file=<file>]          optional: CA bundle used to validate the gateway certificate
  [--user-cert=<file>]        optional: client certificate for certificate authentication
  [--user-key=<file>]         optional: the private key belonging to that certificate
  [--trusted-cert=<digest>]   required when the gateway certificate does not validate against the CA bundle (self-signed or private CA): the SHA-256 digest of the gateway certificate to pin
  [-c <file>] [-v|-q]         optional: read the settings from a config file; verbose or quiet

Two points to watch: a password passed with -p is visible to every local user in the process list (ps) for as long as the tunnel is up, so prefer -c with a config file that only you can read; and the --trusted-cert digest should come from the firewall administrator, not from the error message of a connection you could not validate, otherwise the pin merely records whichever certificate was presented the first time.
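The two points above, as an added shell example that is not code from the original page or from the openfortivpn/OpenFortiGUI projects: it writes an openfortivpn configuration file with owner-only permissions (so the password stays off the command line) and computes the --trusted-cert pin from a certificate file obtained out-of-band. The file path, gateway name, user name and digest used in the usage line are placeholders (assumptions).

```shell
#!/bin/sh
# Added example (not part of the original page or of openfortivpn).
# Writes an openfortivpn config file with mode 0600 so the password is
# neither visible in `ps` nor readable by other local users, and derives
# the trusted-cert pin the way openfortivpn prints it (SHA-256 over the
# DER-encoded gateway certificate, lowercase hex).
# All hostnames, users, paths and digests below are placeholders.

# write_fortivpn_config <file> <host> <port> <user> <password> <sha256-hex>
# Creates or overwrites <file> in openfortivpn's "key = value" format.
write_fortivpn_config() {
    file=$1 host=$2 port=$3 user=$4 pass=$5 digest=$6
    # The pin must be exactly 64 lowercase hex characters; refuse anything else
    # so a pasted error message or a SHA-1 fingerprint is not silently accepted.
    case $digest in
        ''|*[!0-9a-f]*) echo "bad trusted-cert digest: $digest" >&2; return 1 ;;
    esac
    [ ${#digest} -eq 64 ] || { echo "trusted-cert digest must be 64 hex chars" >&2; return 1; }
    old_umask=$(umask)
    umask 077                         # new file is created 0600 whatever the caller's umask
    cat > "$file" <<EOF
host = $host
port = $port
username = $user
password = $pass
trusted-cert = $digest
set-routes = 1
set-dns = 1
EOF
    umask "$old_umask"
    chmod 600 "$file"                 # also tighten a file that already existed
}

# cert_digest <pem-file>: value to put in trusted-cert. Get the PEM from the
# firewall admin (or export it from the FortiGate), not from a connection you
# could not validate; pinning whatever was presented first is just TOFU.
cert_digest() {
    openssl x509 -in "$1" -outform DER | sha256sum | cut -d' ' -f1
}

# Usage (placeholders):
#   write_fortivpn_config ~/.config/fortivpn.conf vpn.example.com 443 alice 's3cret' "$(cert_digest gateway.pem)"
#   sudo openfortivpn -c ~/.config/fortivpn.conf
```

The config file keys (host, port, username, password, trusted-cert, set-routes, set-dns) are the ones openfortivpn reads with -c; the digest check and the umask handling are the added hardening.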

If it works, you will see INFO output like this:


Source : Bits and

Cisco router password recovery

This procedure needs nothing but physical console access: anyone who has it can reset the enable password unless the router was configured with "no service password-recovery", so treat console ports as part of the attack surface.

1. Connect the console cable.
2. Reboot the router and send a Break within the first 60 seconds of boot to interrupt the boot sequence and drop to the ROMMON prompt.

Break key sequences by terminal software:

Software                        Platform         Operating system   Try this
Hyperterminal                   IBM compatible   Windows XP         Ctrl-Break
Hyperterminal                   IBM compatible   Windows 2000       Ctrl-Break
Hyperterminal                   IBM compatible   Windows 98         Ctrl-Break
Hyperterminal (version 595160)  IBM compatible   Windows 95         Ctrl-F6-Break
Kermit                          Sun workstation  UNIX               Ctrl-\l
MicroPhone Pro                  IBM compatible   Windows            Ctrl-Break
Minicom                         IBM compatible   Linux              Ctrl-a f
ProComm Plus                    IBM compatible   DOS or Windows     Alt-b
SecureCRT                       IBM compatible   Windows            Ctrl-Break
Telix                           IBM compatible   DOS                Ctrl-End
Telnet                          N/A              N/A                Ctrl-], then type send brk
Telnet to Cisco                 IBM compatible   N/A                Ctrl-]
Teraterm                        IBM compatible   Windows            Alt-b
Terminal                        IBM compatible   Windows            Break
Tip                             Sun workstation  UNIX               Ctrl-], then Break or Ctrl-c
VT 100 emulation                Data General     N/A                F16
Windows NT                      IBM compatible   Windows            Break-F5, or Shift-6 Shift-4 Shift-b (^$B)
Z-TERMINAL                      Mac              Apple              Command-b
N/A                             Break-out box    N/A                Connect pin 2 (X-mit) to +V for half a second
Cisco to aux port               N/A                                 Control-Shift-6, then b
                                IBM compatible   N/A                Ctrl-Break

3. At the ROMMON prompt set the configuration register to 0x2142 so the router ignores the saved startup-config on the next boot, then reset:
rommon 1 > confreg 0x2142
You must reset or power cycle for new config to take effect
rommon 2 > reset

4. Change the password
Type no after each setup question, or press Ctrl-C to skip the initial setup dialog. Copy the saved configuration into memory before changing anything, otherwise the existing configuration is lost when you save. After that copy all interfaces are administratively down, so issue no shutdown on the ones in use before saving.
Router> enable
Router# copy startup-config running-config
Destination filename [running-config]? (hit enter)
Building configuration...
Router# configure terminal
Router(config)# enable password cisco
Router(config)# enable secret cisco
Router(config)# line console 0
Router(config-line)# password cisco
Router(config-line)# exit
Router(config)# username cisco privilege 15 secret cisco
Router(config)# config-register 0x2102
Router(config)# exit
Router# copy running-config startup-config
Destination filename [startup-config]? (hit enter)
Building configuration...
Router# reload
Replace cisco with real passwords before saving. Once enable secret is set, enable password is ignored for privileged access and, with no service password-encryption, sits in the config in cleartext, so it can be omitted. Setting config-register back to 0x2102 is mandatory, or the router will keep ignoring its startup-config on every reboot.



Juniper (Junos) root password recovery

1. Connect your console cable with settings 9600/8/N/1.
2. Power on the device and watch the screen for the line:
Hit [Enter] to boot immediately, or space bar for command prompt.
When you see that line, press the space bar and you will get the loader's OK prompt.
3. At the OK prompt, boot the system into single-user mode with the command
boot -s

4. The system boots in single-user mode and asks whether you want to enter the path name of a shell or "recovery" for root password recovery. Since we are trying to recover the password, we enter recovery.
5. The system then boots, runs the recovery script and leaves you at the > prompt. Set a new root password (you are prompted to type it twice), commit, and reboot:
> edit
# set system root-authentication plain-text-password
# commit
# exit
> exit
Reboot the system? [y/n] y
FortiGate maintainer account

A FortiGate whose admin password has been lost can be reached from the console with the built-in maintainer account; its password is the string bcpb followed by the unit's serial number. With the serial number shown on this page:
SN: FGT-7152316537
Login: maintainer
Password: bcpbFGT-7152316537
The login is accepted only on the physical console and only for a short window (tens of seconds) after the unit boots. Because anyone with console access and the serial number printed on the chassis can use it, keep the device physically secured or disable the account with the FortiOS setting admin-maintainer under config system global.
HP ProCurve switch password clear

1. Press the recessed Clear button on the front panel for 10 seconds.
Once you release the Clear button only the password protection is removed; all other configuration settings remain intact and the switch does not reboot.
If you would like to disable the Clear button on the front of the HP ProCurve switch, enter the following:
Switch# configure terminal
Switch(config)# no front-panel-security password-clear
You will also notice the Reset button next to the Clear button. To disable this button (factory reset from the front panel) enter:
Switch(config)# no front-panel-security factory-reset
Both buttons are now disabled. If you would like to enable them again, do so with the commands below:
Switch(config)# front-panel-security password-clear
Switch(config)# front-panel-security factory-reset
Finally, if you are unsure of the status of the Reset and Clear buttons on the ProCurve switch, enter the following:
Switch(config)# show front-panel-security
Leave password-clear enabled only where the switch is physically protected: with it on, anyone who can touch the front panel strips the password in 10 seconds.

Site-to-Site IPsec VPN: Cisco Router to FortiGate

The Cisco side (R1a, IOS 15.1) is a route-based VTI configuration: one Tunnel interface per FortiGate peer, each protected by the IPsec profile 3DESMD5, with static routes pointing into the tunnels. The running configuration below is shown with addresses and the pre-shared key removed. Before reusing it, note that the IKEv1 policy (3DES, MD5, DH group 2) and the transform set (esp-3des esp-md5-hmac) are legacy settings that current guidance replaces with AES-256, SHA-256 and DH group 14 or higher (and IKEv2 where both ends support it); "transport input all" on vty 0 4 allows telnet, "ip http server" enables cleartext management next to the HTTPS server, and "no service password-encryption" leaves type 0 passwords readable in the config.

# sh run
version 15.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname R1a
boot system flash:c2800nm-adventerprisek9-mz.151-4.M10.bin
warm-reboot count 10 uptime 7
aaa new-model
aaa session-id common
dot11 syslog
ip source-route
ip cef
ip dhcp excluded-address
ip dhcp excluded-address
ip dhcp pool pool10.0.31.0
no ip domain lookup
ip domain name
ip name-server
ip name-server
no ipv6 cef
multilink bundle-name authenticated
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
 lifetime 28800
crypto isakmp key address
crypto ipsec transform-set TS esp-3des esp-md5-hmac
crypto ipsec profile 3DESMD5
 set transform-set TS
 set pfs group2
interface Tunnel1
 ip unnumbered FastEthernet0/0.206
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel2
 ip unnumbered FastEthernet0/0.221
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel3
 ip unnumbered FastEthernet0/0.224
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel4
 ip unnumbered FastEthernet0/0.226
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel5
 ip unnumbered FastEthernet0/0.228
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel6
 ip unnumbered FastEthernet0/0.230
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface Tunnel7
 ip unnumbered FastEthernet0/0.232
 tunnel source
 tunnel mode ipsec ipv4
 tunnel destination
 tunnel protection ipsec profile 3DESMD5
interface FastEthernet0/0
 ip address
 ip nat outside
 ip virtual-reassembly in
 duplex auto
 speed auto
interface FastEthernet0/1
 ip address
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip nat inside source list 101 interface FastEthernet0/0 overload
ip route
ip route Tunnel1
ip route Tunnel2
ip route Tunnel3
ip route Tunnel4
ip route Tunnel5
ip route Tunnel6
ip route Tunnel7
access-list 101 permit ip any
mgcp fax t38 ecm
mgcp profile default
line con 0
line aux 0
line vty 0 4
 transport input all
line vty 5 15
 transport input ssh
scheduler allocate 20000 1000

Refresh the routing table if needed:
# clear ip route *
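As an added example that is not from the original page: a small shell audit of a saved IOS running-config for the legacy crypto (3DES, MD5, DH group 2) and cleartext management settings (transport input all, ip http server, no service password-encryption) that appear in the R1a configuration above, next to a hardened variant of the same lines so the two can be compared. Both sample configs are constructed inline from the lines shown on this page; the file paths are assumptions.

```shell
#!/bin/sh
# Added example, not code from the original page. Audits an IOS config file
# for the weak settings present in the R1a config above and demonstrates the
# same stanza with current-practice values. Sample configs are constructed
# here from the page's own lines; file names are placeholders.

# write_weak_config <file>: the relevant lines of the R1a config as shown above.
write_weak_config() {
    cat > "$1" <<'EOF'
no service password-encryption
crypto isakmp policy 1
 encr 3des
 hash md5
 authentication pre-share
 group 2
crypto ipsec transform-set TS esp-3des esp-md5-hmac
crypto ipsec profile 3DESMD5
 set transform-set TS
 set pfs group2
ip http server
ip http secure-server
line vty 0 4
 transport input all
EOF
}

# write_hardened_config <file>: the same stanza with AES-256, SHA-256,
# DH group 14, SSH-only VTYs and no cleartext HTTP.
write_hardened_config() {
    cat > "$1" <<'EOF'
service password-encryption
crypto isakmp policy 1
 encr aes 256
 hash sha256
 authentication pre-share
 group 14
crypto ipsec transform-set TS esp-aes 256 esp-sha256-hmac
crypto ipsec profile AES256SHA256
 set transform-set TS
 set pfs group14
no ip http server
ip http secure-server
line vty 0 4
 transport input ssh
EOF
}

# audit_ios_config <file>: prints one FINDING line per weak setting found.
# Returns 0 when the config is clean and 1 when anything was found, so it
# can gate a config-push pipeline.
audit_ios_config() {
    found=0
    # Each rule is "<extended-regex-without-spaces> <message>"; the regex is
    # anchored at the start of the (possibly indented) config line.
    while read -r pat msg; do
        [ -n "$pat" ] || continue
        if grep -qiE "^[[:space:]]*$pat" "$1"; then
            printf 'FINDING: %s\n' "$msg"
            found=1
        fi
    done <<'EOF'
encr[[:space:]]+3des IKE policy encrypts with 3DES; use "encr aes 256"
hash[[:space:]]+md5 IKE policy hashes with MD5; use "hash sha256"
group[[:space:]]+[125]$ IKE DH group 1/2/5 is too small; use group 14 or higher
crypto[[:space:]]+ipsec[[:space:]]+transform-set.*esp-3des IPsec transform-set uses 3DES; use "esp-aes 256"
crypto[[:space:]]+ipsec[[:space:]]+transform-set.*esp-md5-hmac IPsec transform-set uses HMAC-MD5; use "esp-sha256-hmac"
set[[:space:]]+pfs[[:space:]]+group[125]$ PFS group 1/2/5 is too small; use group14 or higher
transport[[:space:]]+input[[:space:]]+all VTY accepts telnet and other cleartext transports; use "transport input ssh"
no[[:space:]]+service[[:space:]]+password-encryption Type 0 passwords are stored in cleartext; enable service password-encryption and prefer "enable secret"
ip[[:space:]]+http[[:space:]]+server$ Cleartext HTTP management is enabled; keep only "ip http secure-server"
EOF
    return $found
}

# Usage (placeholder paths):
#   write_weak_config /tmp/r1a-weak.cfg && audit_ios_config /tmp/r1a-weak.cfg
#   write_hardened_config /tmp/r1a-hard.cfg && audit_ios_config /tmp/r1a-hard.cfg
```

The rules are deliberately anchored to the start of a line so that, for example, "group 14" and "set pfs group14" in the hardened config do not trip the group 1/2/5 checks, and "no ip http server" is not mistaken for the cleartext HTTP server being enabled.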

On the FortiGate side:

- create the address objects
- create a VPN tunnel
- create an IPv4 policy
- create a static route

Back on the Cisco router (R1a), wait about 5 minutes and then confirm that the route through Tunnel4 has appeared:
# clear ip route *
# sh ip route
S* [1/0] via
 is variably subnetted, 8 subnets, 2 masks
C is directly connected, FastEthernet0/0
L is directly connected, FastEthernet0/0
C is directly connected, FastEthernet0/1
L is directly connected, FastEthernet0/1
S is directly connected, Tunnel1
S is directly connected, Tunnel3
S is directly connected, Tunnel4
S is directly connected, Tunnel7

You can now try to ping from PC1 to PC2.