Fortinet black logo

VPN options

VPN options

The VPN <options> XML tag contains global information controlling VPN states:

<forticlient_configuration>

<vpn>

<options>

<current_connection_name>ssldemo</current_connection_name>

<current_connection_type>ssl</current_connection_type>

<autoconnect_tunnel></autoconnect_tunnel>

<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>

<keep_running_max_tries>0</keep_running_max_tries>

<save_password>0</save_password>

<minimize_window_on_connect>1</minimize_window_on_connect>

<allow_personal_vpns>1</allow_personal_vpns>

<disable_connect_disconnect>0</disable_connect_disconnect>

<show_vpn_before_logon>0</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

<use_legacy_vpn_before_logon>0</use_legacy_vpn_before_logon>

<show_negotiation_wnd>0</show_negotiation_wnd>

<disable_dead_gateway_detection>0</disable_dead_gateway_detection>

<vendor_id></vendor_id>

<disable_internet_check>0</disable_internet_check>

<suppress_vpn_notification>0</suppress_vpn_notification>

</options>

</vpn>

</forticlient_configuration>

The following table provides the XML tags for VPN options, as well as the descriptions and default values where applicable.

XML tag

Description

Default value

<current_connection_name>

Enter the current connection's name, if any.

<current_connection_type>

Select the current connection's VPN type: [ipsec | ssl]

<autoconnect_tunnel>

Name of the configured IPsec VPN or SSL VPN tunnel to automatically connect to when FortiClient starts. Requires that the <save_password> tag be set to 1.

<autoconnect_only_when_offnet>

Autoconnect only when FortiClient is off-net.

Boolean value: [0 | 1]

0

<keep_running_max_tries>

The maximum number of attempts to make when retrying a VPN connection that was lost due to network issues. If this tag is set to 0, it retries indefinitely.

0

<save_password>

Save user-provided connection passwords.

Boolean value: [0 | 1]

0

<minimize_window_on_connect>

Minimize FortiClient after successfully establishing a VPN connection.

Boolean value: [0 | 1]

1

<allow_personal_vpns>

Enable end users to create, modify, and use personal VPN configurations.

Boolean value: [0 | 1]

When this setting is configured as 0, FortiClient users are not be able to configure personal VPN connections. Only provisioned VPN connections are available to the user.

1

<use_legacy_vpn_before_logon>

Use the old VPN before logon interface.

Boolean value: [0 | 1]

1

<disable_connect_disconnect>

Enable the Connect/Disconnect button when using Auto Connect with VPN.

Boolean value: [0 | 1]

0

<show_vpn_before_logon>

Allow user to select a VPN connection before logging into the system.

Boolean value: [0 | 1]

0

<use_windows_credentials>

Connect with the current username and password.

You must enable <show_vpn_before_logon> before enabling <use_windows_credentials>.

Boolean value: [0 | 1]

1

<show_negotiation_wnd>

Display information in FortiClient while establishing connections.

Boolean value: [0 | 1]

0

<disable_dead_gateway_detection>

Notifies the Windows OS to disable the detection of dead gateway. You may set this element to 1 if you observe that FortiClient IPsec VPN sends packets using an IP address other than those in the IP address pool assigned by the IPsec VPN server.

Boolean value: [0 | 1]

<vendor_id>

The default value is empty, signifying that FortiClient should use its hard-coded ID during IPsec VPN connection.

<disable_internet_check>

When this setting is configured as 0, VPN autoconnect only starts when the Internet is accessible. When enabled, VPN autoconnect starts even if FortiClient cannot access the Internet.

Boolean value: [0 | 1]

0

<suppress_vpn_notification>

Block FortiClient from displaying any VPN connection or error notifications.

0

VPN options

The VPN <options> XML tag contains global information controlling VPN states:

<forticlient_configuration>

<vpn>

<options>

<current_connection_name>ssldemo</current_connection_name>

<current_connection_type>ssl</current_connection_type>

<autoconnect_tunnel></autoconnect_tunnel>

<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>

<keep_running_max_tries>0</keep_running_max_tries>

<save_password>0</save_password>

<minimize_window_on_connect>1</minimize_window_on_connect>

<allow_personal_vpns>1</allow_personal_vpns>

<disable_connect_disconnect>0</disable_connect_disconnect>

<show_vpn_before_logon>0</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

<use_legacy_vpn_before_logon>0</use_legacy_vpn_before_logon>

<show_negotiation_wnd>0</show_negotiation_wnd>

<disable_dead_gateway_detection>0</disable_dead_gateway_detection>

<vendor_id></vendor_id>

<disable_internet_check>0</disable_internet_check>

<suppress_vpn_notification>0</suppress_vpn_notification>

</options>

</vpn>

</forticlient_configuration>

The following table provides the XML tags for VPN options, as well as the descriptions and default values where applicable.

XML tag

Description

Default value

<current_connection_name>

Enter the current connection's name, if any.

<current_connection_type>

Select the current connection's VPN type: [ipsec | ssl]

<autoconnect_tunnel>

Name of the configured IPsec VPN or SSL VPN tunnel to automatically connect to when FortiClient starts. Requires that the <save_password> tag be set to 1.

<autoconnect_only_when_offnet>

Autoconnect only when FortiClient is off-net.

Boolean value: [0 | 1]

0

<keep_running_max_tries>

The maximum number of attempts to make when retrying a VPN connection that was lost due to network issues. If this tag is set to 0, it retries indefinitely.

0

<save_password>

Save user-provided connection passwords.

Boolean value: [0 | 1]

0

<minimize_window_on_connect>

Minimize FortiClient after successfully establishing a VPN connection.

Boolean value: [0 | 1]

1

<allow_personal_vpns>

Enable end users to create, modify, and use personal VPN configurations.

Boolean value: [0 | 1]

When this setting is configured as 0, FortiClient users are not be able to configure personal VPN connections. Only provisioned VPN connections are available to the user.

1

<use_legacy_vpn_before_logon>

Use the old VPN before logon interface.

Boolean value: [0 | 1]

1

<disable_connect_disconnect>

Enable the Connect/Disconnect button when using Auto Connect with VPN.

Boolean value: [0 | 1]

0

<show_vpn_before_logon>

Allow user to select a VPN connection before logging into the system.

Boolean value: [0 | 1]

0

<use_windows_credentials>

Connect with the current username and password.

You must enable <show_vpn_before_logon> before enabling <use_windows_credentials>.

Boolean value: [0 | 1]

1

<show_negotiation_wnd>

Display information in FortiClient while establishing connections.

Boolean value: [0 | 1]

0

<disable_dead_gateway_detection>

Notifies the Windows OS to disable the detection of dead gateway. You may set this element to 1 if you observe that FortiClient IPsec VPN sends packets using an IP address other than those in the IP address pool assigned by the IPsec VPN server.

Boolean value: [0 | 1]

<vendor_id>

The default value is empty, signifying that FortiClient should use its hard-coded ID during IPsec VPN connection.

<disable_internet_check>

When this setting is configured as 0, VPN autoconnect only starts when the Internet is accessible. When enabled, VPN autoconnect starts even if FortiClient cannot access the Internet.

Boolean value: [0 | 1]

0

<suppress_vpn_notification>

Block FortiClient from displaying any VPN connection or error notifications.

0