Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
steckels
New Contributor

Endpoints showing offline in EMS unless user is logged in

Hello!

We are running EMS 1.0.1.0077 with client versions 5.4.1.0840 and 5.4.1.0860. I've noticed that unless a user is logged in, all of the machines show as offline, which includes our servers. Does anyone know if this is a known bug or a configuration change that I can make on either the hosts, EMS server or within the forticlient configuration? We have AV, Webfilter and vulnerability enabled for servers and will soon add the application firewall. We also have the EMS server communicating with our Fortianalyzer.

1 Solution
rod_FTNT
Staff
Staff

Hello steckels!

 

This is an expected behaviour, turned on by default. You can disable that editing the Endpoint Profile - System Settings - Endpoint Control Settings - Log off when user logs out of Windows (switch off)

 

See attachment!

 

Hope it helps!

View solution in original post

3 REPLIES 3
SteveG
Contributor III

I'm seeing similar results. I have an open ticket with support as I also have a number of clients that have FortiClient installed but EMS shows as 'not installed' despite the client being installed via EMS! Given the length of time it takes to get a response from Fortinet they are struggling to understand these oddities too! I did update EMS to 1.0.3 and FortiClient 5.4.2 but it hasn't helped.

 

Out of interest how many clients do you have registered to EMS @steckels? I have 1,000 and wondering if it's too many for it to cope with.

steckels

I haven't run into the "Not installed" problem, but have been manually touching machines to perform a variety of tasks. We have a fairly small environment- so only 94 clients currently connected to EMS in our situation. I wonder if you can change the 60 second poll time within the CLI of the EMS server? 

rod_FTNT
Staff
Staff

Hello steckels!

 

This is an expected behaviour, turned on by default. You can disable that editing the Endpoint Profile - System Settings - Endpoint Control Settings - Log off when user logs out of Windows (switch off)

 

See attachment!

 

Hope it helps!

Labels
Top Kudoed Authors