Help
FortiSASE
FortiSASE delivers both a consistent security posture and an optimal user experience for users working from anywhere. Secure your hybrid workforce by closing security gaps, plus simplify operations.
lcamilo
Staff
Staff

Created on ‎05-09-2024 09:52 PM

Article Id 314151

Technical Tip: How to uninstall or re-install FortiSASE FortiClient software

Description

 

This article describes how to re-install a FortiSASE-managed FortiClient.

 

Scope

FortiClient 7.0.11 and all FortiSASE Recommended versions:
Product integration and support

 

Solution

 

FortiSASE Managed endpoints cannot be uninstalled if the telemetry is connected. The Zero Trust Telemetry must be 'disconnected' so the uninstall option is available.

 

There are 3 options available to remove and uninstall a managed client:

  1. Disconnect from the client itself. Under the FortiSASE management portal -> Configuration -> Profiles, edit profile.

 

endpoints_disconnect_fortisase.png

 

If the Option 'Endpoints can disconnect from FortiSASE' is enabled and there is no password required to disconnect, the user would have the option to 'Disconnect'.

 

fct_disconnect_option.png

 

If a password is set, the user will be prompted for the password before disconnecting from the Telemetry. 
Once disconnected, it is possible to Uninstall the client using regular ways from the 'Program and Features' control panel option.

 

Programs_Features_Uninstall_on.png

 

More information about allowing endpoints to be disconnected from the FortiSASE option can be found in the FortiSASE Administration Guide below: 
Connection 

 

Note:

Endpoints disconnected using this method are permanently deleted from the FortiSASE cloud 'Managed Endpoints' list. Once re-installed, they will appear in the 'Managed Endpoints' list again. 

 

  1. Disconnect the telemetry from the FortiSASE management portal. Under the FortiSASE management portal -> Network -> Managed Endpoints. This page has 2x views toggled using the buttons on the top right corner called 'Managed Endpoints' and 'Unmanaged Endpoints'. The Telemetry can be disconnected remotely by selecting the desired client and under 'Management connection' selecting 'Disable'.

 

fortisase_managed_endpoint.png

 

This will send a message to the client to disconnect itself and it will cache and remember the invitation code. 

 

fct_disconnected.png

 

This will allow the client to be uninstalled using regular ways from the 'Program and Features' control panel option.

 

Programs_Features_Uninstall_on.png

 

 

Note:

Endpoints disconnected using this method will be moved to the 'Unmanaged Endpoints' list where they will be prevented from re-joining.
Before re-installing or re-adding the invitation code,  move the endpoint back to the 'Managed Endpoints' list.

 

fortisase_unmanaged_endpoint.png
After that, the client can be re-installed.

 

  1. Use the FC Removal Tool from the Windows safe mode:
    Technical Tip: How to uninstall a managed FortiClient in Windows Machines

 

Note:

This option will not notify the FortiSASE telemetry about the removal of the client and the client will remain in the 'Managed Endpoints' list and 'Offline'.

437
Submit Article Idea
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.