Fortinet black logo

Administration Guide

Connecting VPNs before logging on (AD environments)

Connecting VPNs before logging on (AD environments)

The VPN <options> tag holds global information controlling VPN states. The VPN connects first, then logs on to AD/domain.

<forticlient_configuration>

<vpn>

<ipsecvpn>

<options>

<show_vpn_before_logon>1</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

</options>

<connections>

<connection>

<name>psk_90_1</name>

<type>manual</type>

<ike_settings>

<prompt_certificate>0</prompt_certificate>

<server>10.10.90.1;ipsecdemo.fortinet.com;172.17.61.143</server>

<redundantsortmethod>1</redundantsortmethod>

...

</ike_settings>

</connection>

</connections>

</ipsecvpn>

</vpn>

</forticlient_configuration>

This is a balanced but incomplete XML configuration fragment. It includes all closing tags but omits some important elements to complete the IPsec VPN configuration.

RedundantSortMethod = 1

This XML tag sets the IPsec VPN connection as ping-response-based. The VPN connects to the FortiGate which responds the fastest.

RedundantSortMethod = 0

By default, RedundantSortMethod =0 and the IPsec VPN connection is priority-based. Priority-based configurations try to connect to the FortiGate starting with the first in the list.

Connecting VPNs before logging on (AD environments)

Connecting VPNs before logging on (AD environments)

The VPN <options> tag holds global information controlling VPN states. The VPN connects first, then logs on to AD/domain.

<forticlient_configuration>

<vpn>

<ipsecvpn>

<options>

<show_vpn_before_logon>1</show_vpn_before_logon>

<use_windows_credentials>1</use_windows_credentials>

</options>

<connections>

<connection>

<name>psk_90_1</name>

<type>manual</type>

<ike_settings>

<prompt_certificate>0</prompt_certificate>

<server>10.10.90.1;ipsecdemo.fortinet.com;172.17.61.143</server>

<redundantsortmethod>1</redundantsortmethod>

...

</ike_settings>

</connection>

</connections>

</ipsecvpn>

</vpn>

</forticlient_configuration>

This is a balanced but incomplete XML configuration fragment. It includes all closing tags but omits some important elements to complete the IPsec VPN configuration.

RedundantSortMethod = 1

This XML tag sets the IPsec VPN connection as ping-response-based. The VPN connects to the FortiGate which responds the fastest.

RedundantSortMethod = 0

By default, RedundantSortMethod =0 and the IPsec VPN connection is priority-based. Priority-based configurations try to connect to the FortiGate starting with the first in the list.