Using the Forti Client via the Windows Subsystem for Linux (WSL 2, WSLg)

As you may have noticed in the OpenFortiVPN config, you can do without directly specifying the DNS server in /etc/resolv.confand it works – but only if Docker with WSL integration is not installed on Windows. It adds its own entry to the route table:

ip route
default via 172.28.64.1 dev eth0 proto kernel
172.28.64.0/20 dev eth0 proto kernel scope link src 172.28.79.89 # Вот эта?

– and for some reason everything breaks. I'm not a networker at all, so I don't want to figure out why.

To launch the browser without output to stdout, you can use the utility nohup: nohup microsoft-edge &. This will allow you to free up the terminal panel/window for more important things.

Don't keep the Linux browser running for more than two days in a row! For some reason, over time it freezes almost 100% of the time.

By the way, most likely, all this will work on Windows 10 too… although I haven't seen it in person for a couple of years.

Naturally, there are other ways to organize access to the corporate intranet, but this one seemed the most elegant to me, since it visually creates the most “nativeness”. And if you don't notice unnecessary abstractions in the form of an RDP connection to a work computer or a specially prepared virtual machine, then it's psychologically easier to work. IMHO.

Want to go further and get rid of the proprietary FortiToken Mobile as well? Then you hereread the manual (you need root on your phone).

Conclusions

The instructions will be useful in any country where the rights and freedoms of citizens on the Internet are limited, in connection with which it is necessary to tunnel traffic not only for access to the company's network, but also for yourself. The article is suitable for people with the needs and situations described in the annotation, and only for them. These can be people of different orientations in IT: from managers and analysts to developers and leads without an archivist complex. The instructions are described, a few ways of troubleshooting (diagnosing faults), the pros and cons of this approach, as well as notes. And yet, it's good that WSL exists!

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *