Information Services

FortiClient VPN - Windows SSL Configuration from China

Installing and setting up the Fortinet FortiClient VPN for Windows client from China.

This guide is intended only for students accessing resources while studying from China, if you are located anywhere else in the world or have moved from China you should follow the standard VPN configuration guides

VPN Registration

You must first register to use the VPN Service, if you haven't already you can register here : VPN Registration

VPN Installation and Configuration

Note: Before beginning you should ensure your operating system is fully up to date with all Operating System updates and security fixes as well as the latest anti-virus or malware software. FortiClient VPN 7.0 requires Windows 7, 8.1 or 10 (32 or 64 bit), before it will install.

 

First, install the FortiClient VPN application.

  1. Download the FortiClient VPN 

  2. Double-click on the installer (FortiClientVPNOnlineInstaller_7.[x].exe)
    1. Note: the number at the end '[x]' may change over time.
  3. Read through and accept the license agreement, tick 'Yes I have read and accept the License agreement'   and click "Next".
  4. On the Destination Folder screen, leave Install Forticlient To: as the default value  -  "C:\Program Files\Fortinet\FortiClient"
  5. On the Ready To Install FortiClient screen click "Install".
  6. Once the install is complete, click "Finish"
  7. From the Start menu, launch the FortiClient VPN application.

As China is such a large country we have created two VPN connection points to help improve performance. Which one you should use will depend on where you are located within China but general advice is to connect to the one that is geographically closest:

 

Remote Gateway Region Area
47.112.118.73 Shenzhen China South
182.92.210.105 Beijing China North

We recommend that you create two connections in Forticlient VPN and then try both to see which gives the best performance.

Now configure the SSL VPN connection:

  1. For VPN select "SSL-VPN"
  2. For Connection Name enter "VPN@Ed - SSL China South " - Note newer versions don't allow the use of special characters - /\:'<>()%#
  3. For Description enter "SSL VPN Connection to UoE from China South"
  4. For Remote Gateway enter "47.112.118.73"
  5. Tick Customize port and enter 8443
  6. Leave all other values with their default settings:
    1. Enable Single Sign ON (SSO) for VPN Tunnel = unticked
    2. Client Certificate = "None"
    3. Authentication = "Prompt on login"
    4. Do not Warn Invalid Server Certificate = unticked
  7. Click Save to save the configuration

Now create a second VPN connection for China North by clicking on the menu to the right of the 'VPN Name' field (3 horizontal lines). 

Select 'Add a new connection' from the menu and repeat steps 1 - 7 above but using the following values 

  • Name VPN@Ed - SSL China North 
  • Description SSL VPN Connection to UoE from China North
  • Remote Gateway 182.92.210.105

Your VPN connections are now ready to use.

  1. Click the arrow in the VPN Name field and select the appropriate connection based on your location
  2. Enter your username(uun) and VPN password (separate from normal password) and click 'Connect'.

 

 

The above steps are based on version 6.4 of the FortiClient VPN application.

 

Troubleshooting

If you are having problems connecting once you have setup your new VPN connection then check the troubleshooting and common issues page for some suggestions.