When deploying the FortiEDR collector in Windows devices, a Connection Status error: 'Can't connect to server (-300060)' could be seen:

To troubleshoot the issue, follow the below steps:

1. Confirm connectivity with the Aggregator and port 8081 by running telnet to the aggregator FQDN or IP address. For example:
   
   

telnet <ip_address_of_Aggregator> -p 8081

Also, run the below command in Powershell:

$ Test-NetConnection <ip_address_of_Aggregator> -p 8081

Run the CLI command to confirm the connection to Aggregator (Port 8081)/Core (Port555) servers is established:

netstat -an | findstr 8081

netstat -an | findstr 555

2. If connection is OK, verify the FortiEDR Manager connection status by running below command from a Command Prompt:

C:\Program Files\Fortinet\FortiEDR\FortiEDRCollectorService.exe --estatus

Connection error -300060 is likely related to SSL connection issues. 

Verify if Firewall policies are forcing an SSL Deep-inspection in this traffic. To fix it, create a new firewall rule with no SSL-inspection for Aggregator and Core IP address Destinations (ports 8081 and 555) and verify the connection again.

3. If the issue persists, open a case with TAC support and include the below outputs, and the log file that will be generated after running the second command:

C:\Program Files\Fortinet\FortiEDR\FortiEDRCollectorService.exe --estatus

C:\Program Files\Fortinet\FortiEDR\FortiEDRCollectorService.exe --support