| 90.6. Android FortiClient VPN Client | ||
|---|---|---|
 | Chapter 90. IPsec clients |  |
| 90.6. Android FortiClient VPN Client | ||
|---|---|---|
| | Chapter 90. IPsec clients | |
Go to https://play.google.com/store/apps/details?id=com.fortinet.forticlient_vpn&hl=en to download and install the FortiClient VPN client.
This table show the parameters of FortiClient VPN Client and their corresponding parameters in Abilis configuration. The information must be inserted in a “mirror” way: i.e. “LOCAL” information for Abilis are “REMOTE” for IPsec VPN client and vice versa.
Table 90.7. Checklist of parameters
| The FortiClient VPN client parameter | Abilis IKE Table | Abilis IKE Table parameter |
|---|---|---|
| Gateway (Tunnel Endpoint) | HOST | LOC-IP |
| Pre-shared Key / GroupPwd | PSK | KEY |
| Encryption | HOST | CIPHER |
| Local ID | HOST | KEY-ID |
| IKE Mode | HOST | MODE |
| DH GROUP | HOST | DH |
| Authentication | HOST | AUTH |
| Hash | HOST | HASH |
| Encryption | CLI | ESP-CIPHER |
| Authentication | CLI | ESP-AUTH |
Suppose that Abilis is configured in the following way. Refer to Section 83.19.1, “How to configure a RAS using IPSEC VPN server” to for the configuration of IPsec and IKE resources.
[14:52:09] ABILIS_CPX:d ike host:0------------------------------------------------------------------------------- HOST: NAME: LIFETIME: HASH: DPD: DPD-ACTION: LOCIP: NATT: MODE: MODE-CFG: DH: DPD-DELAY: REMIP: SIDE: AUTH: XAUTH: CIPHER: SA-TRY: DPD-TOUT: XAUTH-USER: XAUTH-PWD: -- PSK ID --------------------------------------------------------------- ID-TYPE: IP:/ID: PEER-ID-TYPE: PEER-IP:/PEER-ID: -- RSA Cert ------------------------------------------------------------- CERT-SEND: ASN1-DN: CERT-PEER: PEER-ASN1-DN: CERT-VERIFY: ------------------------------------------------------------------------------- 0 User_1_Aggressive 3600 SHA1 YES STOP 188.138.018.018 SYS AGGRESSIVE REQUEST MODP1024 30 * AUTO PSK SERVER AES128 3 120 user1 ******** -- PSK ID --------------------------------------------------------------- LOCIP KEY-ID mykey2020 ------------------------------------------------------------------------------- [14:43:16] ABILIS_CPX:d ike cli:0------------------------------------------------------------------------------- CLI: NAME: LIFETIME: ESP: AH: HOST: NET-LOC: RULE: PASSIVE: PFS: ESP-AUTH: AH-AUTH: NET-REM: PERMANENT: TUNNEL: ESP-CIPHER: MODE-CFG-DNS: ------------------------------------------------------------------------------- 0 user_1 28800 YES NO 0 000.000.000.000/00 IPSEC YES YES SHA1 SHA1 192.168.200.001/32 YES YES AES128 008.008.008.008 ------------------------------------------------------------------------------- [14:12:48] ABILIS_CPX:d ike psk:0------------------------------------------------------------------------------- PSK: KEY: PEER-ID-TYPE: PEER-IP:/PEER-ID: ------------------------------------------------------------------------------- 0 ******** KEY-ID mykey2020
To configure an Android FortiClient VPN Client for IPsec VPN connection with Abilis, follow these settings:
Open FortiClient VPN Client settings:
Go to "Server settings" and insert the configuration parameters (Abilis IP, PSK, KEY-ID, Aggressive Mode):
Go to "IPsec phase 1 settings":
Go to "IPsec XAuth settings":
Go to "IPsec phase 2 settings":
Return to Main Menu, insert the XAUTH password an click "LOGIN":
The VPN icon appears in the status bar to indicate that the connection is successful:
| |  | |
| 90.5. Android NCP VPN Client |  | 90.7. Ubuntu Cisco VPN Client |
![[Tip]](../images/tip.png)