vpn : ipsec forticlient
 
ipsec forticlient
Use this command to configure automatic VPN configuration for FortiClient Host Security application users.
The FortiClient users who will use automatic configuration must be members of a user group. The config vpn ipsec forticlient command creates a “realm” that associates the user group with the phase 2 VPN configuration. You can create multiple realms to associate different user groups with different phase 2 configurations.
The user group identifies the user name and password settings that the dialup client’s credentials must match in order for authentication to be successful. The phase 2 tunnel definition and its associated firewall encryption policy provides the configuration parameters to download to the FortiClient Host Security application.
Syntax
Set or unset VPN policy distribution parameters.
config vpn ipsec forticlient
edit <realm_name>
set phase2name <tunnel_name>
set status {enable | disable}
set usergroupname <group_name>
end
Variable
Description
Default
edit <realm_name>
Enter a name for the FortiClient realm. This is also referred to as the policy name.
No default.
phase2name <tunnel_name>
Enter the name of the phase 2 tunnel configuration that you defined as part of the dialup-client configuration.
Null
status {enable | disable}
Enable or disable IPSec VPN policy distribution.
enable
usergroupname <group_name>
Enter the name of the user group that you created for dialup clients. This group must already exist.
Null