/
WUPHD SSL VPN

WUPHD SSL VPN

Owned by Jamie Jarvi
Last updated: May 30, 2025 by Eric Kemppainen

 

WUPHD Staff must be assigned to the Active Directory group WUPHD-VPN.

 

Outside vendors must be given a LOCAL FORTIGATE USER in the WUPDHD VDOM and added to the WUPHD-VPN group (Or a group that is made especially for the vendor for limited access).

TSL 1.1 and 1.2 must be enabled, otherwise the connection will fail at 40%. The setting for that in WIndows is under Internet Options > Advanced.

 

REMC1 Staff, there is a K1000 distro that installs this and sets all the settings. It is recommended to use that. For info on how the distro is made see: FortiClient VPN K1000 Distro

 


Windows Installation and connection

To Configure

  1. YOU MUST HAVE AN ACTIVE INTERNET CONNECTION TO INSTALL THIS CLIENT.

  2. Download and install: SSL VPN Client Software

  3. Run the install. Installation may require local admin privileges. At one point the install MAY download updates from fortinet. THIS MAY PAUSE FOR EVEN 10MIN AT 0% you must be patient it will continue if you have an internet connection.

  4. After running the install you should see a red shield on your desktop titled Forticlient. Run this by double clicking.

    FortiClient desktop icon display
    FortiClient desktop icon display

  5. You will get a Forticlient Console window. Click the blue "Configure VPN" link in the center of the white area (see picture below)

  6. Windows Forticlient console page, configure vpn link display
    Windows Forticlient console page, configure vpn link display

  7. Fill in the connection name

  8. The Remote gateway is wuphdvpn.remc1.net 

  9. Put a check in the customize port box and enter 10443

  10. Optional: Click the Save Login radio button and in the Username Field type in your username.  If you are a vendor REMC1 will supply you with your username.

    1. Note: do not use the full email, just the username.

      Windows Forticlient edit vpn connection page display
      Windows Forticlient edit vpn connection page display

  11. Click apply

To Connect

  1. You should see a red shield on your desktop titled Forticlient. Run this by double clicking. Alternatively, you may see a green shield in the lower right taskbar. Right-click on that and select "connect to (whatever you named your profile)" See the pictures below.

    FortiClient desktop icon display
    FortiClient desktop icon display

     

    Windows Forticlient right click, connect to profile path display
    Windows Forticlient right click, connect to profile path display

  2. Type in your username (if you didn't set it up to autofill in the steps above).  If you are a Vendor: Contact REMC1.

  3. Type in your NETWORK login password. This will be the same password used to log into your work computer and your email. It's all one login. If you are a vendor or outside entity/non REMC1 member then REMC1 will supply you with the password.

  4. Click Connect. If you receive a certificate warning (you shouldn't unless you used the IP address instead of wuphdvpn.remc1.net as the remote gateway) accept the certificate to finish the connection.

  5. Windows Forticlient console login page display
    Windows Forticlient console login page display

  6. Remember to disconnect when you are done.

  7. To disconnect double click on the Forticlient shield icon on your desktop and then click Disconnect in the window that pops up OR right click on the green Forticlient shield in your taskbar and select disconnect. (see picture below)

    Windows Forticlient console connected page display
    Windows Forticlient console connected page display

    or 

    Windows Forticlient right click, disconnect from profile path display
    Windows Forticlient right click, disconnect from profile path display

OSX - Apple

To Configure

  1. Download the OSX client below and double click on the download. It will mount as a drive. You must open the finder and click on it like a disk drive and run the forticlientupdate.app as shown in the screenshot below.

    OSX finder, fortigate client update path display
    OSX finder, fortigate client update path display

  2. A window will pop up. Click Continue, then Continue, then Agree to the license (if you are UPGRADING then you will not see that step) then click the customize button on the lower middle part of the window (see screenshot below)

    OSX install Forticlient page, customize button display
    OSX install Forticlient page, customize button display

  3. IMPORTANT NOW UNCHECK OTHER COMPONENTS or it will install a slew of annoying garbage such as webfilter, antivirus etc. which you don't need

  4. Click the Install button and finally the close button.

  5. On the top OSX Menu Bar click the Black Shield and select Open Forticlient Console OR Go to your Finder then click Applications on the left side of that window then on the right side double click on the Forticlient icon with the Red Shield (see pictures of both methods below).


    OSX menu bar black shield, open forticlient console path display
    OSX menu bar black shield, open forticlient console path display


    or


    OSX finder tool, Applications, forticlient console path display
    OSX finder tool, Applications, forticlient console path display

  6. Once open click the Remote access on the left side of the window then the gray gear icon on the right part of the window and select Add New Connection (see picture below)


    OSX forticlient console page display
    OSX forticlient console page display

  7. Select the SSLvpn radio button on top

  8. Name your connection: WUPHD (for example)

  9. Remote Gateway: wuphdvpn.remc1.net

  10. Click Customize Port and type in 10443

  11. Click Save Login checkbox


    OSX forticlient vpn add connection page display
    OSX forticlient vpn add connection page display

  12. Type in your username in the Username field.  Contact remc1 if you are a vendor/outside entity.

  13. Click the Add button at the bottom right

To Connect

  1. On the top OSX Menu Bar click the Black Shield and select Open Forticlient Console OR Go to your Finder then click Applications on the left side of that window then on the right side double click on the Forticlient icon with the Red Shield (see pictures of both methods below).

    OSX finder tool, Applications, forticlient console path display
    OSX finder tool, Applications, forticlient console path display


    or

    OSX menu bar black shield, connect to profile display
    OSX menu bar black shield, connect to profile display

  2. When the window pops up make sure your correct VPN Name is selected

  3. Type in your username in the Username field. (skip if its already there and saved in the config from the initial setup)  Contact remc1 if you are a vendor/outside entity.

  4. Type in your NETWORK login password. This will be the same password used to log into your work computer and your email. Its all one login. If you are a vendor or outside entity/non REMC1 member then REMC1 will supply you with the password.

  5. Click Connect

  6. Remember to disconnect when you are done. To disconnect click on the shield in the top menu bar as explained above or double click the forticlient red shield in Applications and click disconnect. Screenshots for both methods are already included above.

Apple IOS

  • Available in the app store. Titled Forticlient. I recommend just using the built in ipsec feature of IOS but the SSLvpn forticlient option does work well also. The settings are the same as explained above.


Android

  • Available here: https://play.google.com/store/apps/details?id=com.fortinet.forticlient_vpn&hl=en or search for fortinet in the google play store.

    Android forticlient vpn page display
    Android forticlient vpn page display

 

 

 

WUPHD Staff must be assigned to the Active Directory group WUPHD-VPN.

 

Outside vendors must be given a LOCAL FORTIGATE USER in the WUPDHD VDOM and added to the WUPHD-VPN group (Or a group that is made especially for the vendor for limited access).

TSL 1.1 and 1.2 must be enabled, otherwise the connection will fail at 40%. The setting for that in WIndows is under Internet Options > Advanced.

 

REMC1 Staff, there is a K1000 distro that installs this and sets all the settings. It is recommended to use that. For info on how the distro is made see: FortiClient VPN K1000 Distro

 


Windows Installation and connection

To Configure

  1. YOU MUST HAVE AN ACTIVE INTERNET CONNECTION TO INSTALL THIS CLIENT.

  2. Download and install: SSL VPN Client Software

  3. Run the install. Installation may require local admin privileges. At one point the install MAY download updates from fortinet. THIS MAY PAUSE FOR EVEN 10MIN AT 0% you must be patient it will continue if you have an internet connection.

  4. After running the install you should see a red shield on your desktop titled Forticlient. Run this by double clicking.

    FortiClient desktop icon display
    FortiClient desktop icon display

  5. You will get a Forticlient Console window. Click the blue "Configure VPN" link in the center of the white area (see picture below)

  6. Windows Forticlient console page, configure vpn link display
    Windows Forticlient console page, configure vpn link display

  7. Fill in the connection name

  8. The Remote gateway is wuphdvpn.remc1.net 

  9. Put a check in the customize port box and enter 10443

  10. Optional: Click the Save Login radio button and in the Username Field type in your username.  If you are a vendor REMC1 will supply you with your username.

    Windows Forticlient edit vpn connection page display
    Windows Forticlient edit vpn connection page display

  11. Click apply

To Connect

  1. You should see a red shield on your desktop titled Forticlient. Run this by double clicking. Alternatively, you may see a green shield in the lower right taskbar. Right-click on that and select "connect to (whatever you named your profile)" See the pictures below.

    FortiClient desktop icon display
    FortiClient desktop icon display

     

    Windows Forticlient right click, connect to profile path display
    Windows Forticlient right click, connect to profile path display

  2. Type in your username (if you didn't set it up to autofill in the steps above).  If you are a Vendor: Contact REMC1.

  3. Type in your NETWORK login password. This will be the same password used to log into your work computer and your email. It's all one login. If you are a vendor or outside entity/non REMC1 member then REMC1 will supply you with the password.

  4. Click Connect. If you receive a certificate warning (you shouldn't unless you used the IP address instead of wuphdvpn.remc1.net as the remote gateway) accept the certificate to finish the connection.

  5. Windows Forticlient console login page display
    Windows Forticlient console login page display

  6. Remember to disconnect when you are done.

  7. To disconnect double click on the Forticlient shield icon on your desktop and then click Disconnect in the window that pops up OR right click on the green Forticlient shield in your taskbar and select disconnect. (see picture below)

    Windows Forticlient console connected page display
    Windows Forticlient console connected page display

    or 

    Windows Forticlient right click, disconnect from profile path display
    Windows Forticlient right click, disconnect from profile path display

OSX - Apple

To Configure

  1. Download the OSX client below and double click on the download. It will mount as a drive. You must open the finder and click on it like a disk drive and run the forticlientupdate.app as shown in the screenshot below.

    OSX finder, fortigate client update path display
    OSX finder, fortigate client update path display

  2. A window will pop up. Click Continue, then Continue, then Agree to the license (if you are UPGRADING then you will not see that step) then click the customize button on the lower middle part of the window (see screenshot below)

    OSX install Forticlient page, customize button display
    OSX install Forticlient page, customize button display

  3. IMPORTANT NOW UNCHECK OTHER COMPONENTS or it will install a slew of annoying garbage such as webfilter, antivirus etc. which you don't need

  4. Click the Install button and finally the close button.

  5. On the top OSX Menu Bar click the Black Shield and select Open Forticlient Console OR Go to your Finder then click Applications on the left side of that window then on the right side double click on the Forticlient icon with the Red Shield (see pictures of both methods below).


    OSX menu bar black shield, open forticlient console path display
    OSX menu bar black shield, open forticlient console path display


    or


    OSX finder tool, Applications, forticlient console path display
    OSX finder tool, Applications, forticlient console path display

  6. Once open click the Remote access on the left side of the window then the gray gear icon on the right part of the window and select Add New Connection (see picture below)


    OSX forticlient console page display
    OSX forticlient console page display

  7. Select the SSLvpn radio button on top

  8. Name your connection: WUPHD (for example)

  9. Remote Gateway: wuphdvpn.remc1.net

  10. Click Customize Port and type in 10443

  11. Click Save Login checkbox


    OSX forticlient vpn add connection page display
    OSX forticlient vpn add connection page display

  12. Type in your username in the Username field.  Contact remc1 if you are a vendor/outside entity.

  13. Click the Add button at the bottom right

To Connect

  1. On the top OSX Menu Bar click the Black Shield and select Open Forticlient Console OR Go to your Finder then click Applications on the left side of that window then on the right side double click on the Forticlient icon with the Red Shield (see pictures of both methods below).

    OSX finder tool, Applications, forticlient console path display
    OSX finder tool, Applications, forticlient console path display


    or

    OSX menu bar black shield, connect to profile display
    OSX menu bar black shield, connect to profile display

  2. When the window pops up make sure your correct VPN Name is selected

  3. Type in your username in the Username field. (skip if its already there and saved in the config from the initial setup)  Contact remc1 if you are a vendor/outside entity.

  4. Type in your NETWORK login password. This will be the same password used to log into your work computer and your email. Its all one login. If you are a vendor or outside entity/non REMC1 member then REMC1 will supply you with the password.

  5. Click Connect

  6. Remember to disconnect when you are done. To disconnect click on the shield in the top menu bar as explained above or double click the forticlient red shield in Applications and click disconnect. Screenshots for both methods are already included above.

Apple IOS

  • Available in the app store. Titled Forticlient. I recommend just using the built in ipsec feature of IOS but the SSLvpn forticlient option does work well also. The settings are the same as explained above.


Android

  • Available here: https://play.google.com/store/apps/details?id=com.fortinet.forticlient_vpn&hl=en or search for fortinet in the google play store.

    Android forticlient vpn page display
    Android forticlient vpn page display