If your corporate VPN access is via a Fortigate appliance’s proprietary SSL VPN there’s chances you’re using the vendor provided client. Too bad that one doesn’t really plug into modern Linux desktop experience; it’s CLI only and you’re not able to customize the network configuration too much. There’s no source code and thus no way you’ll be able to do anything about it.
With the availability of the new VPN plugin NetworkManager-fortisslvpn we address this. On its backend it uses the free software protocol implementation openfortivpn (thanks to Adrien Vergé) that got some major improvements lately and integrates well with NetworkManager.
Both openfortivpn and the NetworkManager-fortisslvpn plugin will be available in Fedora in next few days; the other distributions will hopefully follow.
I for one think that the elected login/password combination is clearly a sign of immaturity of Mr. Rintel.
Yeah, it’s just an example. Please use a longer password for a real use.
What about Strongswan plugin for network manager, is there any chance to make it working?
The Strongswan plugin should be working. It’s now available in Fedora too and we’ve submitted the 1.2 support.
We didn’t hear back from the Strongswan developers though: https://github.com/strongswan/strongswan/pull/15
Also, we plan to bring the Libreswan plugin to feature parity with Strongswan.
Hi,
Good news, do you plan to support Hardware Token?
Hi have never be able to log on a fortivpn because my certificat can be export and his on a hardware token.
Thanks
Well, we do have the certificate in file support, but this would need someone to implement the PKCS#11 instead.
I don’t plan to work on it, but patches are welcome.
This a great news! I was wandering whether or not there are any ideas to integreate sshuttle to networkmanager. That would enable all GUI dependend users to have a simple and efficient alternative to VPN.
There already are third party SSH and Iodine plugins. Our plugin API is simple enough; it’s easy to write a plugin for whichever tunneling are you using. You just essentially just need some mechanism (ifupdown scripts, helpers) to call back to NM when you get the IP configuration.
I think I guessed your password.
Thanks for letting me know. Changed it now!
It looks great very simple and clean, the plugin is very useful