FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
Article Id 246855

This article describes why users on certain PCs see the following error:


Policy restriction! No policy matched! End-point SN miss matched. SN: 41D09397CECDAAF6CBB523F18508CF82xxxxxxxx ID: 45311937327F4C6B8A542432xxxxxxxx Timestamp: 1677028182


A solution is offered.





This issue occurs if EMS attempts to make changes to the certificate and the system refuses or fails to update it to the latest certificate.


This article details two fixes. In cases where the user did not select the certificate or missed the browser verification prompt, try method 1 for a faster fix.


Method 1:


1) Close the tab(s) with the ZTNA error.

2) Clear the browser’s cache.

3) Relaunch the browser.

4) Try to access the resource again.


If access is still denied, attempt method 2:


Method 2:


1) Disconnect FortiClient from EMS.




2) Shut down FortiClient on the Windows taskbar.



3) Open 'cmd' as an administrator and type 'net stop fortishield'. This will stop the FortiClient process.




4) Open the FortiClient directory C:\ProgramFiles\Fortinet\FortiClient\cert and delete all files in cert\local.




5) Reboot the PC.

6) Restart FortiClient and connect to the EMS again.

If the issue still persists, contact Fortinet support for further assistance.