Fortinet black logo

VPN options

VPN options

The VPN <options> XML tag contains global information controlling VPN states:

<forticlient_configuration>

<vpn>

<options>

<current_connection_name>ssldemo</current_connection_name>

<current_connection_type>ssl</current_connection_type>

<autoconnect_tunnel></autoconnect_tunnel>

<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>

<keep_running_max_tries>0</keep_running_max_tries>

<minimize_window_on_connect>1</minimize_window_on_connect>

<allow_personal_vpns>1</allow_personal_vpns>

<disable_connect_disconnect>0</disable_connect_disconnect>

<show_vpn_before_logon>0</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

<use_legacy_vpn_before_logon>0</use_legacy_vpn_before_logon>

<show_negotiation_wnd>0</show_negotiation_wnd>

<disable_dead_gateway_detection>0</disable_dead_gateway_detection>

<vendor_id></vendor_id>

<disable_internet_check>0</disable_internet_check>

<suppress_vpn_notification>0</suppress_vpn_notification>

</options>

</vpn>

</forticlient_configuration>

The following table provides the XML tags for VPN options, as well as the descriptions and default values where applicable:

XML tag

Description

Default value

<current_connection_name>

Enter the current connection's name, if any.

<current_connection_type>

Select the current connection's VPN type: [ipsec | ssl]

<autoconnect_tunnel>

Name of the configured IPsec or SSL VPN tunnel to automatically connect to when FortiClient starts.

<autoconnect_only_when_offnet>

Autoconnect only when FortiClient is off-net.

Boolean value: [0 | 1]

0

<keep_running_max_tries>

The maximum number of attempts to make when retrying a VPN connection that was lost due to network issues. If this tag is set to 0, it retries indefinitely.

0

<minimize_window_on_connect>

Minimize FortiClient after successfully establishing a VPN connection.

Boolean value: [0 | 1]

1

<allow_personal_vpns>

Enable end users to create, modify, and use personal VPN configurations.

When this setting is configured as 0, users cannot configure personal VPN connections. Only provisioned VPN connections are available to the user.

Boolean value: [0 | 1]

1

<use_legacy_vpn_before_logon>

Use the old VPN before logon interface.

Boolean value: [0 | 1]

1

<disable_connect_disconnect>

Enable the Connect/Disconnect button when using Auto Connect with VPN.

Boolean value: [0 | 1]

0

<show_vpn_before_logon>

Allow user to select a VPN connection before logging into the system.

Boolean value: [0 | 1]

0

<use_windows_credentials>

Connect with the current username and password.

You must enable <show_vpn_before_logon> before enabling <use_windows_credentials>.

Boolean value: [0 | 1]

1

<show_negotiation_wnd>

Display information in FortiClient while establishing connections.

Boolean value: [0 | 1]

0

<disable_dead_gateway_detection>

Notifies the Windows OS to disable the detection of dead gateway. You may set this element to 1 if you observe that FortiClient IPsec VPN sends packets using an IP address other than those in the IP address pool that the IPsec VPN server assigns.

Boolean value: [0 | 1]

<vendor_id>

The default value is empty, signifying that FortiClient should use its hard-coded ID during IPsec VPN connection.

<disable_internet_check>

When this setting is configured as 0, VPN autoconnect only starts when the Internet is accessible. When enabled, VPN autoconnect starts even if FortiClient cannot access the Internet.

Boolean value: [0 | 1]

0

<suppress_vpn_notification>

Block FortiClient from displaying any VPN connection or error notifications.

0

VPN options

The VPN <options> XML tag contains global information controlling VPN states:

<forticlient_configuration>

<vpn>

<options>

<current_connection_name>ssldemo</current_connection_name>

<current_connection_type>ssl</current_connection_type>

<autoconnect_tunnel></autoconnect_tunnel>

<autoconnect_only_when_offnet>0</autoconnect_only_when_offnet>

<keep_running_max_tries>0</keep_running_max_tries>

<minimize_window_on_connect>1</minimize_window_on_connect>

<allow_personal_vpns>1</allow_personal_vpns>

<disable_connect_disconnect>0</disable_connect_disconnect>

<show_vpn_before_logon>0</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

<use_legacy_vpn_before_logon>0</use_legacy_vpn_before_logon>

<show_negotiation_wnd>0</show_negotiation_wnd>

<disable_dead_gateway_detection>0</disable_dead_gateway_detection>

<vendor_id></vendor_id>

<disable_internet_check>0</disable_internet_check>

<suppress_vpn_notification>0</suppress_vpn_notification>

</options>

</vpn>

</forticlient_configuration>

The following table provides the XML tags for VPN options, as well as the descriptions and default values where applicable:

XML tag

Description

Default value

<current_connection_name>

Enter the current connection's name, if any.

<current_connection_type>

Select the current connection's VPN type: [ipsec | ssl]

<autoconnect_tunnel>

Name of the configured IPsec or SSL VPN tunnel to automatically connect to when FortiClient starts.

<autoconnect_only_when_offnet>

Autoconnect only when FortiClient is off-net.

Boolean value: [0 | 1]

0

<keep_running_max_tries>

The maximum number of attempts to make when retrying a VPN connection that was lost due to network issues. If this tag is set to 0, it retries indefinitely.

0

<minimize_window_on_connect>

Minimize FortiClient after successfully establishing a VPN connection.

Boolean value: [0 | 1]

1

<allow_personal_vpns>

Enable end users to create, modify, and use personal VPN configurations.

When this setting is configured as 0, users cannot configure personal VPN connections. Only provisioned VPN connections are available to the user.

Boolean value: [0 | 1]

1

<use_legacy_vpn_before_logon>

Use the old VPN before logon interface.

Boolean value: [0 | 1]

1

<disable_connect_disconnect>

Enable the Connect/Disconnect button when using Auto Connect with VPN.

Boolean value: [0 | 1]

0

<show_vpn_before_logon>

Allow user to select a VPN connection before logging into the system.

Boolean value: [0 | 1]

0

<use_windows_credentials>

Connect with the current username and password.

You must enable <show_vpn_before_logon> before enabling <use_windows_credentials>.

Boolean value: [0 | 1]

1

<show_negotiation_wnd>

Display information in FortiClient while establishing connections.

Boolean value: [0 | 1]

0

<disable_dead_gateway_detection>

Notifies the Windows OS to disable the detection of dead gateway. You may set this element to 1 if you observe that FortiClient IPsec VPN sends packets using an IP address other than those in the IP address pool that the IPsec VPN server assigns.

Boolean value: [0 | 1]

<vendor_id>

The default value is empty, signifying that FortiClient should use its hard-coded ID during IPsec VPN connection.

<disable_internet_check>

When this setting is configured as 0, VPN autoconnect only starts when the Internet is accessible. When enabled, VPN autoconnect starts even if FortiClient cannot access the Internet.

Boolean value: [0 | 1]

0

<suppress_vpn_notification>

Block FortiClient from displaying any VPN connection or error notifications.

0