Fortinet make it really simple to use their premium EMS product to deploy and manage the free FortiClient VPN. If you’re fortunate enough to have already made an investment in Fortinet EMS, go right ahead and use EMS for your config and deployment.
If, like the rest of us, you haven’t got access to the whole suite, you’ll be using the FortiClient VPN standalone.
I wasn’t able to find a full guide to silently deploy the client and silently configure a VPN profile, so decided to write one.
Downloading the installer
First, you’ll need to obtain the FortiClient VPN EXE: Link: https://www.forticlient.com/downloads

Next, we need to get hold of the “offline installer” from the installer that you just downloaded.
Run the executable you downloaded (eg FortiClientVPNOnlineInstaller_6.4.exe). Click through the prompts and stop just before installing the actual application. The MSI file will be downloaded to %temp%\{GUID}.
Copy the MSI file and store in a packaging dir, (eg C:\Package\), then continue with the installation. Once installed, configure the VPN per the settings that are required for the connection and test.
Export the configuration
Once tested, head to the padlock symbol in the FortiVPN client to elevate to Administrator, then choose Settings (cog icon) then Backup.

Create a .bat with the following content, and place it in the same folder as your backup file and :
msiexec /i "FortiClientVPN.msi" /passive /quiet INSTALLLEVEL=3 DESKTOPSHORTCUT=0 /NORESTART
timeout /t 60 /nobreak
"C:\Program Files\Fortinet\FortiClient\FCConfig.exe" -m vpn -f **backup.conf** -o import -p **password**
Wrap as Intune Win32
Download the Win32 Content Prep Tool from GitHub – microsoft/Microsoft-Win32-Content-Prep-Tool: A tool to wrap Win32 App and then it can be uploaded to Intune
Run the tool to prepare your intunewin file

From the Endpoint Manager Portal, create the app





And assign to an appropriate Group of Users or Devices
4 thoughts on “Automating the Install of FortiClient VPN via MEM (Intune)”
Leave a Reply
You must be logged in to post a comment.
Hi
Thanks for this Tuto
I followed for an autopilot setup
but only fortissl (PPPoP WAN adapter) is shown
i want the SSL VPN
any ideas ?
Thanks
Could you try testing the install commands you’ve used on a test computer that is already built to see if it installs correctly?
Once you are sure the installer command works then you can add to an autopilot test.
Thank you,
this one work for me:
FCConfig -m vpn -f -o importvpn -i 1 -p
Import the VPN tunnel configuration (encrypted).
source:
https://docs.fortinet.com/document/forticlient/6.0.1/xml-reference-guide/749677/back-up-and-restore-command-line-utility-commands-and-syntax
Regards,
From where did you get register profile key?