OneSecure VPN Remote User Installation & Configuration Guide 3/11/2015
CONTENTS Download Client Software 02 Install Client Software 03 Enable Client Software 07 Configure the Connection 08 WELCOME Welcome to your step-by-step instruction guide to downloading, installing, and configuring the VPN client software that you will use for your OneSecure VPN Remote User access. This guide will lead you through the following steps: Downloading the software agent Installing the software agent Enabling the software agent Configuring the connection to the hub location This guide addresses the FortiClient VPN client, version 3.0.395, and will install successfully on PCs with Windows 2000, Windows XP, and Windows Vista operating systems. These instructions should take no more than 10 minutes to implement, after you have downloaded the agent file. Please follow these instructions completely to ensure proper operation of the Remote User VPN service. Let s get started! DOWNLOAD THE CLIENT SOFTWARE Important: If a VPN client is already installed on your laptop or desktop, it is strongly recommended that you uninstall that client, or use another machine for installation of the VPN client, as many VPN client applications do not work well with each other. Downloading the software To download the FortiClient software onto the PC where you want to install the software, open a Web browser and go to the URL: http://downloads.perimeterusa.com/fortinet When prompted, enter the following information: User Name Password Click on the FortiClientSetup_3.0.395.exe entry in the list. (If your PC is running a 64-bit operating system, you should download the FortiClientSetup_3.0.395_64.exe file instead.) Save the downloaded file to a convenient location; for example, in your My Documents folder. The file is 23.6 MB and the download may take a while depending on the speed of your Internet connection. 2
INSTALL THE CLIENT SOFTWARE Starting the installation To install the FortiClient software, go to the START button and select Run. Select the Browse button to locate the software file you just downloaded and click Open. Then, click OK in the Run window. InstallShield Wizard When the InstallShield Wizard opens, click Next to start the installation process. When prompted, click Yes and I accept the terms in the license software. Then click Next. 3
Choosing a custom installation When prompted for the setup type, select Custom and click Next. Configuring the installation Select Firewall and expand the selection. Choose This feature will not be available. Repeat this step for the Anti Virus, Webfilter, and Antispam entries, choosing This feature will not be available for each selection. When the Custom Setup window looks like the one on the bottom left, you are finished. Click Next. 4
Choose This feature will not be available. Repeat this step for the Anti Virus, Webfilter, and Antispam entries, choosing This feature will not be available for each selection. When the Custom Setup window looks like the one on the left, you are finished. Click Next. 5
Installing the software Click Install to start the installation process. A progress bar will track the status of the software installation. Finishing the installation When the software is finished installing, the screen at the right will appear. Click Finish. You will see a new icon on your desktop for the FortiClient software. This is the icon you will use when you want to connect to your company s network. 6
You will have to restart your computer to enable the VPN new feature. Click Yes to reboot your system. ENABLE THE CLIENT SOFTWARE Enabling the client Double click on the FortiClient desktop icon to enable the client software. When you start the application for the first time, you will see the Welcome window. Click Cancel. Entering the License key Click Enter License Key. Enter the license key. Click OK. Completing the Set Up Contact TelePacific Customer Care Center to complete this set up at: 877-487-TPAC (8722) Option #2. 7
SYSTEM ADMINISTRATION Enhanced configuration Note: This configuration should be completed by the System Administrator. Now that the FortiClient software is installed and enabled, you will need to set up a new connection You will need the following information from your network administrator to configure your new connection: External IP address of your Fortigate unit Internal IP of your Fortigate unit Subnet Mask of your Fortigate Unit Preshared key Creating a new connection Double click on the FortiClient desktop icon to start the client software. Click on the VPN tab. Click on Advanced, then choose Add from the drop down menu 8
Manual configuration Enter a connection name of your choice. Click on Manual. Then click OK. In the Remote Gateway field, enter the external (public) IP address of your Fortigate unit. In the Remote Network field, enter the internal IP address and subnet mask of your Fortigate unit. For the Authentication Method, select Preshared Key from the drop-down list. In the Preshared Key field, enter the 20-character preshared key. (Enter carefully as this is case sensitive.) Then click Advanced. New Connection > Advanced Settings Click on Config in the middle of the Policy screen section. 9
Advanced Settings > Policy Configuration The Connection Detailed Settings screen will display. Under the IKE section, click Delete all. Then click Add. The Proposal screen will display. For Encryption, select 3DES. For Authentication, select SHA1. Click OK. You will be returned to the previous screen. In the IKE Mode section on the right, choose Aggressive. In the IKE DH Group section, check 2 and uncheck 5. Now repeat for the IPSec section. Click Delete all, then click Add. The Proposal screen will display again. For Encryption, select 3DES. For Authentication, select SHA1. Click OK. 10
You will be returned to the previous screen again. In the Advanced Options section at the bottom, check Autokey Keep Alive and uncheck PFS. Click OK. You will be returned to the Advanced Settings screen. In the Advanced section, check extended Authentication. Then click on the Config button next to extended Authentication. 11
Extended authentication configuration Verify that Prompt to login is checked, and click OK. Return to the previous screen, and click OK. Click OK again. This will return you to the main FortiClient screen. Connecting to the hub location From the main FortiClient screen, click on the connection you just created so it is highlighted. Click Connect. When prompted, enter the username and password your network administrator gave you. You should now be connected to your company s network through the hub location. Congratulations, you re done! You have completed the necessary steps to download, install, and connect your Remote User VPN client software. Please contact your System Administrator in order to complete the installation process and/or for any future troubleshooting 12