Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Simple script intended to automate Fortinet SSL VPN Client connection on Linux using expect scripting.
#!/bin/bash
# Forticlient SSL VPN Client launching script utilizing expect.
# --------------------------------------------
# CONFIGURATION
# If empty - script will take some simple logic to locate appropriate binary.
FORTICLIENT_PATH=""
# VPN Credentials
VPN_HOST="host:10443"
VPN_USER="username"
VPN_PASS="password"
# --------------------------------------------
trap ctrl_c INT
function ctrl_c() {
echo "Removing left-over files..."
rm -f /tmp/expect
}
if [[ $EUID -ne 0 ]]; then
echo "This script must be run as root"
exit 1
fi
if [ -z "$FORTICLIENT_PATH" ]; then
FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)`
if [ ! -f $FORTICLIENT_PATH ]; then
echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
echo "Specify it at variable FORTCLIENT_PATH"
exit 1
fi
echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
fi
echo "Killing previous instances of Forticlient SSL VPN client..."
killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null
cat << EOF > /tmp/expect
#!/usr/bin/expect -f
match_max 1000000
set timeout -1
spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
expect "Password for VPN:"
send -- "$VPN_PASS"
send -- "\r"
expect "Would you like to connect to this server? (Y/N)"
send -- "Y"
send -- "\r"
expect "Clean up..."
close
EOF
chmod 500 /tmp/expect
/usr/bin/expect -f /tmp/expect
rm -f /tmp/expect
@azizasm

This comment has been minimized.

Copy link

commented Jul 22, 2017

A very good script to access fortiClient using bash script.
For Ubuntu 64 bit based Linux need to change to uname -a | grep -q 64 because uname -r doesn't work.

@hugoeustaquio

This comment has been minimized.

Copy link

commented Dec 28, 2017

Thanks, it works perfectly!

@ronamosa

This comment has been minimized.

Copy link

commented Apr 3, 2018

Thanks for this. came in real handy for work!

@alfem

This comment has been minimized.

Copy link

commented Apr 1, 2019

I use something like this, but I do not need to run it with root permissions.

@naxvm

This comment has been minimized.

Copy link

commented May 27, 2019

Really useful, thanks!!!!

PD: in my case, the "sudo" launching is not required, I commented that lines on the script and works flawlessly.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.