Information Services

FortiClient VPN - Mac SSL Configuration from China

Installing and setting up the FortiClient VPN for Mac clients.

This guide is intended only for students accessing resources while studying from China, if you are located anywhere else in the world or have moved from China then you should follow the standard VPN configuration guides

VPN Registration

You must first register to use the VPN Service, if you haven't already you can register here : VPN Registration

VPN Installation and Configuration

Note: Before beginning, you should ensure your operating system is fully up-to-date with all updates and security fixes as well as the latest anti-virus or malware software.

FortiClient VPN 7.0 requires a minimum version of macOS 10.14 (Mojave), released in 2018, before it will install.

Installation

  1. Download FortiClient VPN 

  2. Once downloaded, click the FortiClientVPN_7.0.0.22_OnlineInstaller  (the version number in the name may be higher than this), click Open if asked). The FortiClient VPN install will begin.
  3. Click Continue then Continue then Agree to the licence confirmation.
  4. If asked select Install for all users of this computer then Continue.
  5. Click Install at the bottom right of the window – you might be asked for your macOS password.
  6. You should see Installation complete. Click Close.

Configuration

As China is such a large country we have created two VPN connection points to help improve performance. Which one you should use will depend on where you are located within China but general advice is to connect to the one that is geographically closest:

 

Remote Gateway Region Area
47.112.118.73 Shenzhen China South
182.92.210.105 Beijing China North

 

We recommend that you create two connections in Forticlient VPN and then try both to see which gives the best performance.

  1. Open FortiClient from either Applications (within Finder), search in the Spotlight box or click the black shield (in the menu at the top of your screen).
  2. Click Configure VPN in the middle of the FortiClient VPN screen
  3. For VPN select "SSL-VPN"
  4. For Connection Name enter, for example, "VPN-ED-SSL from China" - Note newer versions many not allow the use of special characters - /\:'<>()%@#
  5. For Description enter "SSL VPN Connection to UoE from China"
  6. For Remote Gateway enter "47.112.118.73"
  7. Tick Customize port and enter 8443
  8. Leave all other values with their default settings:
    • Enable Single Sign ON (SSO) for VPN Tunnel = unticked
    • Client Certificate = "None"
    • Authentication = "Prompt on login"
    • Do not Warn Invalid Server Certificate = ticked
  9. Click Save to save the configuration

Now create a second VPN connection for China North by clicking on the menu to the right of the 'VPN Name' field (3 horizontal lines). 

Select 'Add a new connection' from the menu and repeat steps 1 - 7 above but using the following values 

  • Name VPN@Ed - SSL China North 
  • Description SSL VPN Connection to UoE from China North
  • Remote Gateway 182.92.210.105

Connection

  1. Launch the FortiClient VPN application if it isn't already running
  2. Select the VPN connection you have just created from the "VPN Name" field
  3. Enter your username(uun) and VPN password (separate from normal password) and click 'Connect'.

 

Troubleshooting

If you are having problems connecting once you have setup your new VPN connection then check the troubleshooting and common issues page for some suggestions.