Information Services

FortiClient VPN - Mac SSL Configuration

Installing and setting up the FortiClient VPN for Mac clients.

Registering for the VPN Service

You must first register to use the VPN Service, if you haven't already you can register here : VPN Registration

Configuring an SSL VPN Connection

There are  two VPN options available when using the FortiClient VPN application, SSL and IPSec. SSL is the recommended option as it is more reliable and likley to work in all scenarios compared with IPSec which may not work from some networks like those in hotels and cafes.  With the FortiClient installed you can configure both options and select the one that works best, we strongly advise testing the configuration before travelling.

 

Note: Before beginning, you should ensure your operating system is fully up-to-date with all updates and security fixes as well as the latest anti-virus or malware software.

FortiClient VPN requires a minimum version of macOS 10.13 (High Sierra), released in 2017, before it will install.

Installation

  1. Download the FortiClient VPN

    Note: Do not install 'FortiClient 6.4', 'FortiClient 6.0' or 'FortiClient EMS' as these require a license and will not work!

  2. Open the file named FortiClientVPNOnlineInstaller_6.4.dmg (the version number in the name may be higher than this).

    FortiClient VPN Download
    FortiClient VPN Download
  3. When the progress bar is full click Install. If it says 'failed to connect', click Cancel and return to step 2.
  4. Click Continue then Continue then Agree to the licence confirmation.
  5. If asked select Install for all users of this computer then Continue.
  6. Click Install at the bottom right of the window – you might be asked for your macOS password.
  7. You should see Installation complete. Click Close.

Configuration

  1. Open FortiClient from either Applications (within Finder), search in the Spotlight box or click the black shield (in the menu at the top of your screen).
  2. Click Configure VPN in the middle of the FortiClinet VPN screen
  3. For VPN select "SSL-VPN"
  4. For Connection Name enter, for example, "VPN-ED-SSL" - Note newer versions many not allow the use of special characters - /\:'<>()%@#
  5. For Description enter "SSL VPN Connection to UoE"
  6. For Remote Gateway enter  "remote.net.ed.ac.uk"
  7. Tick Customize port and enter 8443
  8. Leave all other values with their default settings:
    • Enable Single Sign ON (SSO) for VPN Tunnel = unticked
    • Client Certificate = "None"
    • Authentication = "Prompt on login"
    • Do not Warn Invalid Server Certificate = unticked
  9. Click Save to save the configuration

Connection

  1. Launch the FortiClient VPN application if it isn't already running
  2. Select the VPN connection you have just created from the "VPN Name" field
  3. Enter your username(uun) and VPN password (separate from normal password) and click 'Connect'.

 

Troubleshooting

If you are having problems connecting once you have setup your new VPN connection then check the troubleshooting and common issues page for some suggestions.