secur14y.netlify.app

All three VPN types (SSL VPN, IKEv2 VPN, and Clientless SSL VPN) are available for Mac OS X 10.9 (Mavericks) and higher. The following instructions will help you create and use the VPN option of your choice. For more information on the VPN types, see VPN.

• Forticlient For El Capitan Update
• El Capitan Os X

Click on the FortiClient icon on your task bar. Click Disconnect. Using the IKEv2 VPN Option on Mac OS X Setup the CAEDM IKEv2 VPN on MacOS (above 10.11) Beginning with MacOS 10.11 (El Capitan), Apple has provided IKEv2 VPN support built-in to MacOS. FortiClient VPN Problems With OSX 10.11 El Capitan I installed the GM candidate of Mac OS X 10.11 El Capitan and my FortiClient VPN has stopped working. It completes the login, but after connection, no data is transferred - the incoming and outgoing freeze. It is a split tunnel connection and neither network or internet traffic works.

• 1Using the SSL VPN Option on Mac OS X
• 2Using the IKEv2 VPN Option on Mac OS X

Using the SSL VPN Option on Mac OS X

This option works best on Mac OS X versions below 10.11 (El Capitan). Endpoint security checkpoint vpn for macos catalina download.

Setup the CAEDM SSL VPN on Mac OS X

1. Using your web browser, go to https://vpn.et.byu.edu
   • NOTE: If you get an orange login screen, then you have entered the wrong address and you will not be able to login. Try again with the exact address listed above.
2. In the blue Please login box, enter your username and password
3. Click Login
4. In the FortiClient Download box, click FortiClient Mac
   • NOTE: You can alternatively download the FortiClient for Mac from https://www.forticlient.com.
5. Run the client installer you just downloaded. The install process will:
   1. Unpack the installer
   2. Run a virus scan
   3. Present you will a license agreement, which you will have to accept to continue
   4. Prompt for Complete or VPN only install; choose the VPN Only button
   5. Prompt for an install location; accept the default
   6. Prompt to confirm your previous settings and continue the install
   7. Install the client
      • NOTE: The installer will create a new 'fortissl' adapter in your list of network connections. Do not change or remove the fortissl adapter, or the SSL VPN will not work
   8. Prompt to finish the install; Click Finish
6. Open the FortiClient either from the Spotlight, or from the FortiClient icon in the menu bar.
7. Click Configure VPN
8. Click the SSL-VPN button at the top, if it is not already selected
9. In the Connection Name field, enter CAEDM SSL VPN
10. In Remote Gateway, type in vpn.et.byu.edu
11. Click Apply, and then click Close

To connect to the CAEDM SSL VPN

1. Open the FortiClient application, either from your menu bar if FortiClient was automatically started, or from the Spotlight
2. Select the CAEDM SSL VPN connection, if it is not already selected
3. Enter your Username and Password in the appropriate fields
4. Click Connect

To disconnect from the CAEDM SSL VPN

1. Click on the FortiClient icon on your task bar.
2. Click Disconnect.

Using the IKEv2 VPN Option on Mac OS X

Setup the CAEDM IKEv2 VPN on MacOS (above 10.11)

Beginning with MacOS 10.11 (El Capitan), Apple has provided IKEv2 VPN support built-in to MacOS. The following instructions were based on MacOS 10.13 (High Sierra), but should be similar for 10.11 (El Capitan) and 10.12 (Sierra).

Screenshots are available after the instructions (click to view full size).

1. Open System Preferences, and click on Network. Click the plus icon in the bottom left of the Network Preferences window.
2. Select VPN under Interface.
3. Select IKEv2 under VPN Type.
4. Type a description for the VPN in the Service Name box (for example, CAEDM IKEv2 VPN).
5. Click create.
6. Enter vpn.et.byu.edu for Server Address and Remote ID.
7. Click Authentication Settings.
8. Select Username in the drop-down menu.
9. Type your CAEDM username and password in their respective text boxes.
10. Click OK.
11. Click Connect.

At this point, you should be successfully connected to the CAEDM VPN!

Setup the CAEDM IKEv2 VPN on Mac OS X (below 10.11)

Apple has yet to release official IKEv2 support for Mac OS X. While the strongSwan IKEv2 client works, you must change your Network Location each time you connect or disconnect with the VPN. Otherwise OS X will ignore settings provided by the VPN, and be unable to find other computers. For this reason, the SSL VPN client is easier to use when using a Mac. If the SSL VPN does not work for you, or if you would still like to use the IKEv2 VPN instead, the instructions are as follows:

NOTE: The following instructions are based on OS X 10.9 (Mavericks) and 10.10 (Yosemite). Other versions of OS X may vary.

1. Download the strongSwan client zip file from http://download.strongswan.org/osx/strongswan-5.3.0-1.app.zip
2. Double click the strongswan-5.3.0-1.app.zip file you just downloaded. This will extract the archive in the current folder
3. Drag the strongSwan application to your Applications folder
4. Double click the strongSwan application
5. Confirm that you want to open an application downloaded from the Internet by clicking Open
   • NOTE: You will now have a light-gray swan icon in your menu bar. This will be the only indication strongSwan is running.
6. Click on the light-gray strongSwan icon in the menu bar, and click Add Connection..
7. In the Connection name field, enter CAEDM IKEv2 VPN
8. In the Authentication selector, choose IKEv2 EAP
9. In the Server address field, enter vpn.et.byu.edu
10. In the Username field, enter your CAEDM username
11. Open up the System Preferences application
12. Select Network
13. Unlock the settings by clicking on the padlock icon on the left side
14. In the Authenticate dialog, enter your password for your computer, and click Unlock
15. In the Location field, select Edit Locations
16. Click the + button, and in the new entry type CAEDM IKEv2 VPN Location
17. Click Done. The Location field should now say CAEDM IKEv2 VPN Location
18. Click the Advanced.. button at the bottom of the Network settings window
19. Click the DNS tab
20. Under the DNS Servers box, click the + button
21. In the new entry, type 128.187.48.2
22. Under the DNS Servers box, click the + button again
23. In the new entry, type 128.187.56.2
24. Click OK
25. Click Apply at the bottom of the Network window
26. Close the Network window by clicking on the red dot in the upper left corner
27. Click the Apple icon in the menu bar
28. Point to Location, and click Automatic

To connect to the CAEDM IKEv2 VPN

1. Start the strongSwan app from the Spotlight (if it isn't already running)
2. Click on the light-gray strongSwan icon in the menu bar
3. Point to CAEDM IKEv2 VPN, and click on Connect
4. In the Password required dialog that pops up, enter your CAEDM password, and click OK
   • NOTE: When the light-gray strongSwan icon in the menu bar changes to black, you are connected to the VPN. But, you must change the Network Location, or you will be unable to connect to other computers.
5. Click the Apple icon in the menu bar
6. Point to Location, and click CAEDM IKEv2 VPN Location

You are now connected to the CAEDM IKEv2 VPN.

To disconnect from the CAEDM IKEv2 VPN

1. Click on the strongSwan icon in the menu bar
2. Point to CAEDM IKEv2 VPN, and click Disconnect
   • NOTE: When the black strongSwan icon in the menu bar changes to light-gray, you are disconnect from the VPN. But you must change the Network Location back to Automatic, or you will be unable to connect to other computers.
3. Click the Apple icon in the menu bar
4. Point to Location, and click Automatic

You are now disconnected from the CAEDM IKEv2 VPN

All three VPN types (SSL VPN, IKEv2 VPN, and Clientless SSL VPN) are available for Mac OS X 10.9 (Mavericks) and higher. The following instructions will help you create and use the VPN option of your choice. For more information on the VPN types, see VPN.

• 1Using the SSL VPN Option on Mac OS X
• 2Using the IKEv2 VPN Option on Mac OS X

Using the SSL VPN Option on Mac OS X

This option works best on Mac OS X versions below 10.11 (El Capitan).

Setup the CAEDM SSL VPN on Mac OS X

1. Using your web browser, go to https://vpn.et.byu.edu
   • NOTE: If you get an orange login screen, then you have entered the wrong address and you will not be able to login. Try again with the exact address listed above.
2. In the blue Please login box, enter your username and password
3. Click Login
4. In the FortiClient Download box, click FortiClient Mac
   • NOTE: You can alternatively download the FortiClient for Mac from https://www.forticlient.com.
5. Run the client installer you just downloaded. The install process will:
   1. Unpack the installer
   2. Run a virus scan
   3. Present you will a license agreement, which you will have to accept to continue
   4. Prompt for Complete or VPN only install; choose the VPN Only button
   5. Prompt for an install location; accept the default
   6. Prompt to confirm your previous settings and continue the install
   7. Install the client
      • NOTE: The installer will create a new 'fortissl' adapter in your list of network connections. Do not change or remove the fortissl adapter, or the SSL VPN will not work
   8. Prompt to finish the install; Click Finish
6. Open the FortiClient either from the Spotlight, or from the FortiClient icon in the menu bar.
7. Click Configure VPN
8. Click the SSL-VPN button at the top, if it is not already selected
9. In the Connection Name field, enter CAEDM SSL VPN
10. In Remote Gateway, type in vpn.et.byu.edu
11. Click Apply, and then click Close

To connect to the CAEDM SSL VPN

1. Open the FortiClient application, either from your menu bar if FortiClient was automatically started, or from the Spotlight
2. Select the CAEDM SSL VPN connection, if it is not already selected
3. Enter your Username and Password in the appropriate fields
4. Click Connect

To disconnect from the CAEDM SSL VPN

1. Click on the FortiClient icon on your task bar.
2. Click Disconnect.

Using the IKEv2 VPN Option on Mac OS X

Setup the CAEDM IKEv2 VPN on MacOS (above 10.11)

Beginning with MacOS 10.11 (El Capitan), Apple has provided IKEv2 VPN support built-in to MacOS. The following instructions were based on MacOS 10.13 (High Sierra), but should be similar for 10.11 (El Capitan) and 10.12 (Sierra).

Screenshots are available after the instructions (click to view full size).

1. Open System Preferences, and click on Network. Click the plus icon in the bottom left of the Network Preferences window.
2. Select VPN under Interface.
3. Select IKEv2 under VPN Type.
4. Type a description for the VPN in the Service Name box (for example, CAEDM IKEv2 VPN).
5. Click create.
6. Enter vpn.et.byu.edu for Server Address and Remote ID.
7. Click Authentication Settings.
8. Select Username in the drop-down menu.
9. Type your CAEDM username and password in their respective text boxes.
10. Click OK.
11. Click Connect.

At this point, you should be successfully connected to the CAEDM VPN!

Forticlient For El Capitan Update

Setup the CAEDM IKEv2 VPN on Mac OS X (below 10.11)

Apple has yet to release official IKEv2 support for Mac OS X. While the strongSwan IKEv2 client works, you must change your Network Location each time you connect or disconnect with the VPN. Otherwise OS X will ignore settings provided by the VPN, and be unable to find other computers. For this reason, the SSL VPN client is easier to use when using a Mac. If the SSL VPN does not work for you, or if you would still like to use the IKEv2 VPN instead, the instructions are as follows:

NOTE: The following instructions are based on OS X 10.9 (Mavericks) and 10.10 (Yosemite). Other versions of OS X may vary.

1. Download the strongSwan client zip file from http://download.strongswan.org/osx/strongswan-5.3.0-1.app.zip
2. Double click the strongswan-5.3.0-1.app.zip file you just downloaded. This will extract the archive in the current folder
3. Drag the strongSwan application to your Applications folder
4. Double click the strongSwan application
5. Confirm that you want to open an application downloaded from the Internet by clicking Open
   • NOTE: You will now have a light-gray swan icon in your menu bar. This will be the only indication strongSwan is running.
6. Click on the light-gray strongSwan icon in the menu bar, and click Add Connection..
7. In the Connection name field, enter CAEDM IKEv2 VPN
8. In the Authentication selector, choose IKEv2 EAP
9. In the Server address field, enter vpn.et.byu.edu
10. In the Username field, enter your CAEDM username
11. Open up the System Preferences application
12. Select Network
13. Unlock the settings by clicking on the padlock icon on the left side
14. In the Authenticate dialog, enter your password for your computer, and click Unlock
15. In the Location field, select Edit Locations
16. Click the + button, and in the new entry type CAEDM IKEv2 VPN Location
17. Click Done. The Location field should now say CAEDM IKEv2 VPN Location
18. Click the Advanced.. button at the bottom of the Network settings window
19. Click the DNS tab
20. Under the DNS Servers box, click the + button
21. In the new entry, type 128.187.48.2
22. Under the DNS Servers box, click the + button again
23. In the new entry, type 128.187.56.2
24. Click OK
25. Click Apply at the bottom of the Network window
26. Close the Network window by clicking on the red dot in the upper left corner
27. Click the Apple icon in the menu bar
28. Point to Location, and click Automatic

To connect to the CAEDM IKEv2 VPN

1. Start the strongSwan app from the Spotlight (if it isn't already running)
2. Click on the light-gray strongSwan icon in the menu bar
3. Point to CAEDM IKEv2 VPN, and click on Connect
4. In the Password required dialog that pops up, enter your CAEDM password, and click OK
   • NOTE: When the light-gray strongSwan icon in the menu bar changes to black, you are connected to the VPN. But, you must change the Network Location, or you will be unable to connect to other computers.
5. Click the Apple icon in the menu bar
6. Point to Location, and click CAEDM IKEv2 VPN Location

You are now connected to the CAEDM IKEv2 VPN.

To disconnect from the CAEDM IKEv2 VPN

1. Click on the strongSwan icon in the menu bar
2. Point to CAEDM IKEv2 VPN, and click Disconnect
   • NOTE: When the black strongSwan icon in the menu bar changes to light-gray, you are disconnect from the VPN. But you must change the Network Location back to Automatic, or you will be unable to connect to other computers.
3. Click the Apple icon in the menu bar
4. Point to Location, and click Automatic

El Capitan Os X

You are now disconnected from the CAEDM IKEv2 VPN