search

adrienverge / openfortivpn

Client for PPP+TLS VPN tunnel services
GNU General Public License v3.0
2.73k stars 321 forks source link

connecting with @ in username and context in host #1204

Open rmacian opened 8 months ago

rmacian commented 8 months ago

My Forticlient is connecting with a user like foo@bar.xyz and the host is shown has https://foo/bar (I have two vpns on different context, the other is foo/qux)

I have also activated a 2FA where I get a code from Microsoft authenticator

How does is translated in the config file ? I tried

host = foo/bar 
port = 10443
username = foo@bar.xyz
password = mypass
otp = 1234

I get

ERROR:  getaddrinfo: nodename nor servname provided, or not known

If omit the context I get

DEBUG:  Empty cookie.
ERROR:  Could not authenticate to gateway. Please check the password, client certificate, etc.
DEBUG:  No cookie given (-7)

Help does not explain, also the 2FA is not even clear ..

DimitriPapadopoulos commented 8 months ago

Please use meaningful names. I suspect the foo and bar in foo@bar.xyz and https://foo/bar are different, aren't they?

rmacian commented 8 months ago

yes its user@domain.com and https://anotherdomain.com/context

DimitriPapadopoulos commented 8 months ago

Try;

openfortivpn -u 'user@domain.com' --realm=context anotherdomain.com

However, 2FA is not directly supported. You would have to connect to https://anotherdomain.com/context using a web browser, retrieve the cookie, and feed it to openfortivpn:

openfortivpn -u 'user@domain.com' --realm=context --cookie =... anotherdomain.com