Start forticlient VPN only with command line

If your VPN client office using forticlient, you might want to run your VPN client with only command line, so you don’t have to see the small window just for connect your servers from home. With this bash script you can run your forclient VPN client only with CLI.

Install expect first if you’re using ubuntu.

$ sudo apt-get install expect

Then copy this script below and save itInside the script there are some variables like username, password, host, port, that you need to fill.

#!/bin/bash

# Forticlient SSL VPN Client launching script utilizing expect.

FORTICLIENT_PATH="/your-path-to-forticlient/64bit/forticlientsslvpn_cli"

# VPN Credentials
VPN_HOST="yourVPNHost:YourPort"
VPN_USER="yourVPNUser"
VPN_PASS="enter-your-pass-here"

if [[ $EUID -ne 0 ]]; then
  echo "This script must be run as root"
  exit 1
fi

if [ -z "$FORTICLIENT_PATH" ]; then
  FORTICLIENT_PATH=`uname -r | grep -q 64 && echo $(locate forticlientsslvpn_cli | grep 64bit) || echo $(locate forticlientsslvpn_cli | grep 32bit)`
  if [ ! -f $FORTICLIENT_PATH ]; then
    echo "Tried to locate Forticlient SSL VPN Cli binary, but failed."
    echo "Specify it at variable FORTCLIENT_PATH"
    exit 1
  fi
  echo "Located Forticlient VPN Client at: $FORTICLIENT_PATH"
fi

echo "Killing previous instances of Forticlient SSL VPN client..."
killall -9 $(basename $FORTICLIENT_PATH) 2> /dev/null

cat << EOF > /tmp/expect
#!/usr/bin/expect -f
match_max 1000000
set timeout -1
spawn $FORTICLIENT_PATH --server $VPN_HOST --vpnuser $VPN_USER --keepalive
expect "Password for VPN:"
send -- "$VPN_PASS"
send -- "\r"

expect "Would you like to connect to this server? (Y/N)"
send -- "Y"
send -- "\r"

expect "Clean up..."
close
EOF

chmod 500 /tmp/expect
/usr/bin/expect -f /tmp/expect

rm -f /tmp/expect

After you saved the script, let’s try to run it with sudo mode:

$ sudo vpn.sh &