Quick post/reminder as I’ve seen this case growing a bit lately. But before starting, let’s be clear about that: in a perfect world, this blog post would not have to exists. Every well enough educated IT pro know that Fortinet has a fully customizable MSI client available for registered users! But as we are in real world, things are a little bit trickier… Trickier to a point where I have never been able to obtain the registered MSI client in every single project where Fortinet client was involved for the last 3 years…. (The why could deserve another post, but this is out of scope) So here is how to get the job done with the free client edition. Dear real world, you are so cruel sometimes…
Grabbing the MSI
From Fortniet.com, download the free FortiClient client and start the installation.
Once the installer shows a page with title “Welcome to the FortiClient Setup Wizard
Go to C:\Programdata\Applications\Cache\{GUID}\6.X.X.XXX and grab the FortiClient.msi file.
Grabbing the settings
To capture the settings, you should first install the client. On the “Choose setup type” page select the “Secure Remote Access” option. Note that I have no idea on how to install the other components, so you are in the wrong place if this is something you want to achieve.
Once the client is installed, open the FortiClient console by right clicking on theFortinet icon in the system tray. Select Remote Access on the side bar and then click on the Configure VPN link.
Fill the form with your VPN info and click on save. this is all for this part.
Putting it all together
VPN connection settings are stored in HKEY_LOCAL_MACHINE\SOFTWARE\Fortinet so you just need to export those keys to be able to deploy everywhere.
The export command is:
Reg export HKLM\SOFTWARE\Fortinet c:\temp\FortinetSettings.reg
During the app deployment, there is one little trick to install the settings: registry keys must be applied before installing the client. So, let’s first install parameters with something like this:
Reg import FortinetSettings.reg
Then we can install the VPN client alone with the proper parameters passed to the MSI package we saved earlier using this command:
Msiexec /qb /i FortiClient.msi /norestart INSTALLLEVEL=3
Done !