2 min read

Connect Fortinet via Docker

#docker #vpn #fortinet #ssh

My client is using Fortinet to connect to their server. However, they sent me a Fortinet client for Windows 😅. I Googled it and found a way to install Fortinet on my Ubuntu, but it seems like their repository is down at the time of writing this post.

Out of curiosity, I wondered if someone had already dockerized Fortinet. And yes! I found a working and well-maintained version on Github.

Here’s how I set up Fortinet on my Ubuntu using Docker:

git clone --depth 1 https://github.com/poyaz/docker-forticlient
 
cd docker-forticlient
 
cp env/vpn/.env.example env/vpn/.env
 
nano env/vpn/.env # adjust VPN_ADDR, VPN_USER, VPN_PASS
 
docker-compose \
    -f docker-compose.yml \
    -f docker/docker-compose.env.yml \
    -f docker/docker-compose.publish.yml \
    up \
    --force-recreate

Sometimes, Fortinet seems to hang up for no apparent reason. In such cases, we need to --force-recreate the container to restart it.

Now, all I need to do is connect to my client’s server via the proxy exposed from the Docker, which is 127.0.0.1:1080.

ssh -o ProxyCommand="nc -X 5 -x 127.0.0.1:1080 %h %p" \
  [email protected]

To make things easier, I created a Makefile as shortcut:

up:
	docker-compose \
		-f docker-compose.yml \
		-f docker/docker-compose.env.yml \
		-f docker/docker-compose.publish.yml \
		up \
		--force-recreate
 
down:
	docker-compose \
		-f docker-compose.yml \
		-f docker/docker-compose.env.yml \
		-f docker/docker-compose.publish.yml \
		down
 
ssh-server-1:
	ssh -o ProxyCommand="nc -X 5 -x 127.0.0.1:1080 %h %p" [email protected]
 
ssh-server-2:
	ssh -o ProxyCommand="nc -X 5 -x 127.0.0.1:1080 %h %p" [email protected]

Then you can call it like this:

make up
make down
make ssh-server-1
make ssh-server-2

That’s it 🎉