Skip to main content
Jim_FH
Jim_FH
New Member
January 19, 2017
Question

EMS - Endpoint Control Settings - Onnet Subnets

  • January 19, 2017
  • 1 reply
  • 5635 views

Has anyone use the EMS option for "onnet subnets" in the Endpoint profiles?  

 

I get the overall concept, but I'm wondering what practical application it has.  Has anyone used this for anything useful, and if so, what?

 

thanks!

 

Jim

    1 reply

    neonbit
    neonbit
    New Member
    January 20, 2017

    I guess a scenario could be if you had three sites, each with their own subnets:

     

    New York: 10.111.1.0/24

    San Francisco: 10.111.2.0/24

    Chicago: 10.111.3.0/24

     

    You want the FortiClient Web-filtering to be disabled when on these networks as they're your own companies (and have FortiGates with webfiltering).

     

    In the same vein, maybe you have VPN auto-connect configured so that your clients automatically connect to the corporate VPN when they login to the computer, but you don't want this VPN connection to occur when at one of your offices (ie: only auto-connect when off-net).

     

    Jim_FH
    Jim_FHAuthor
    New Member
    January 20, 2017

    Interesting, thanks!

     

    I was wondering if future features may include not registering to EMS when "on net" as I want to (for now) manage only the clients that connect via remote access VPN.

     

    For now, i'm blocking port 8013 on the EMS servers from subnets that are NOT VPN clients.

     

     

    Terms & ConditionsAccessibility statement