Integrating Fortinet VPN into NoTouch

Fortinet VPN and the required certificates can be provisioned into NoTouch OS devices centrally using NoTouch Center

Create Fortinet VPN Connection

In order to use this feature, a NoTouch Center VPN license is required

Once the VPN license has been added to NoTouch Center, they need to be applied to the devices at either device or group level and is described in the following article: https://kb.stratodesk.com/licensing#Assign-Licenses

Firstly, you will need the VPN license attached to the device, so select the device, click licenses, in the add license section select ‘VPN, and click Add.

AddVPNLic

If you have applied this successfully then it should look like the example below.

InstalledVPNLic

Next, we need to add the certificates into NoTouch Center. As NoTouch Center does not allow you to upload a certificate key you must add the CA certificate for the VPN, along with the client certificate & key into a zip file. This must then be uploaded into NoTouch Center under assignable certificates. This is documented in the following kb’s

Next, we need to distribute the ‘Assignable Certificates’ to the endpoint and this is done under the ‘Security’ options in the group settings for the device as shown below.

AssignCert

So we can configure the VPN client on the End Point, we need to turn on ‘Network Manager’ in services and turn this on. Please note that a restart of the device will be required so it can start the service and also add the certificate bundle.

Once the device has rebooted click the network manager icon indicated with the arrow below and select Edit Connections.

AddVPN-1

From there, click ‘Edit Connections’ and then ‘Add’ Scroll down to VPN and select Fortinet SSL VPN, and click create.

Populate the Connection Name, Gateway Address & Username.

AddVPN-2

You will also need to browse the certificate store in /config/certificates to add the CA Certificate, User Certificate & User Key. If this folder does not exist, then you have not added the ‘Assignable Certificates zip file in the group settings.

AddVPN-3

Finally, click save & close to exit the setup.

To start the VPN connection click Network Manager, VPN & then the VPN connection you created.

AddVPN-4

 

If you need further support for configuration, please can you do this via our support channel by emailing support@stratodesk.com as we may need to recover a support file if needed and the only way you can send this to us is via our customer portal and will need a dedicated support ticket number to do this.