Pushing a Configuration Profile during Forticlient install

Forum|Forum|11 months ago
July 8, 2025
2 replies
1047 views

OK to set the scene.

We are using Fortinet EMS Cloud with Entra SSO authentication. We create the deployment and push via Intune. Our machines are built with Autopilot in a Hybrid setup. When the Forticlient is installed and the machine rebooted, the VPN shield is not present so the user in unable to connect to the network remotely. Note, this is not an issue for newly built machines on the network only those that are remote.

The endpoint profile is not pushed to the machine until the user has logged into the machine. But as the user cannot login, the machine cannot receive the profile.

How can the configuration profile be pushed as part of the initial Forticlient install?

Martin

FortiClient EMS

AEK

SuperUser

When you create an installer you can assign a default VPN profile during the wizard, and it will be embedded in the installer.

AEK

dulakzu2

New Member

Not familiar with jamf, but all I have to do is export a working config from my laptop and push it out with Datto. The FortiClient versions don’t even have to match so long as they’re on the same major release.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded