Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
bksol92
Staff
Staff

Created on ‎06-29-2025 10:46 PM

Article Id 398810

Troubleshooting Tip: How to troubleshoot FortiClient connectivity with FortiClient Cloud Sandbox service

Description This article describes how to troubleshoot FortiClient connectivity with the FortiClient Cloud Sandbox service.
Scope All current FortiClient versions.
Solution

In order to communicate with the FortiClient Cloud Sandbox service, FortiClient will need to be able to reach aptctrl1.fortinet.com. Depending on the endpoint's location, the sandbox URL's resolved IP addresses may vary as well:

 

aptctrl1.png

 

Once a connection is established with one of the resolved addresses on port 443, a list of the actual IP addresses hosting the sandbox service on port 514 will be returned:

 

Connection with aptctrl1.fortinet.com establishedConnection with aptctrl1.fortinet.com established

 

Sandbox IP addresses returnedSandbox IP addresses returned

 

The endpoint will forward files to the sandbox service on port 514 if outbound traffic to it is allowed, as per FortiClient's own configuration.

The above logs can be found in C:\Program Files\Fortinet\FortiClient\logs\trace\fcaptmont_*.

 

139
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.