openfortivpn kills my routes

by symcbean   Last Updated October 10, 2019 15:00 PM

I am trying to use openfortivpn to connect. Previously I had been using the Fortinet VPN client on MS-Windows - I now get blue screens every time I try to start it (I am downloading the upgraded version, but want to configure this on Linux for other reasons).

The infrastructure I am connecting to has a lot of sub-nets, some of which conflict with my local sub-nets. So with the default settings (--set-routes=1) it overwrites my local routes and box disconnects from the local network. The command line options only seem to allow everything or nothing.

I was able to capture the config which was being applied when it started up and configured routes automatically. Cherry picking the relevant entries and trying to apply them (after restarting the VPN with --no-routes, then manually noting the IP address) resulted in a working connection.

ip route add to 10.0.99.0/255.255.255.0 via 10.220.136.94 dev ppp0

But the local address will change each time I connect; I cannot use this as a literal value in the script.

how do I script this to happen automatically?

The man page for openfortivpn mentions some environment variables which control routing - but typing

 "VPN_ROUTE_GATEWAY" openfortivpn

into Google just gives me links to the source code for openfortivpn (and my knowledge of C is too rusty to reverse engineer this).



Related Questions


Updated October 19, 2015 10:00 AM

Updated September 29, 2017 17:00 PM

Updated August 27, 2019 06:00 AM

Updated March 19, 2019 10:00 AM

Updated July 07, 2017 08:00 AM