Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
jie
Staff
Staff

Created on ‎07-07-2025 10:42 PM

Article Id 399219

Technical Tip: How to prevent FortiClient from receiving the wrong on/off fabric tag information before it auto connect VPN

Description This article describes how to prevent FortiClient from receiving the wrong on/off fabric tag information before it auto-connects to the VPN
Scope FortiClient.
Solution

On Windows startup, the network is not immediately available, and the network state will likely be offline, because servers are unreachable. 

 

FortiClient has a tag <disable_internet_check>; if it is set to 1, then it repeats connection attempts without checking the network status. If the network suddenly becomes available, then FortiClient might just connect a split second before fabric state updates to the onnet.

 

If <disable_internet_check> is set to 0, then FortiClient will not try repeatedly. Instead, it waits until the network becomes available, then continues the VPN connection. This usually would not cause any problem.

 

To modify this tag, go to EMS -> Endpoint Profiles, assign the VPN profile,  XML edit the tag <disable_internet_check>, change the value from the default '1' to '0'.

 

aaa.PNG
146
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.