Hello,

yesterday i configured EMS and made some tests.

Thats what i want to achive with FortiClient:

On Net / Off Net Detection, if a user is Offnet an VPN will be connect automaticly to the FortiGate vie SSL VPN, FortiClient will use automaticly Windows Credentials and a Certifikate so that the User must not do any actions on that.

It should be possible for some users to disconnect this VPN or to Abort it and for some Users it should be not possible

i found this XML Configuration in the Fortinet Guide

<forticlient_configuration> <current_connection_name>ssldemo <current_connection_type>ssl <autoconnect_tunnel> <autoconnect_only_when_offnet>0 <keep_running_max_tries>0 <save_password>0 <minimize_window_on_connect>1 <allow_personal_vpns>1 <disable_connect_disconnect>0 <show_vpn_before_logon>0 <use_windows_credentials>1 <use_legacy_vpn_before_logon>0 <show_negotiation_wnd>0 <disable_dead_gateway_detection>0 <vendor_id>

but if i change the Profile mode on EMS to Advanced and search for this configuration in the XML Code of Profile i cant find this features.

i tried to add them manually to this Profile and then Upload to FortiClient, the Upload works and i see my settings in the XML of FortiClient but nothing happens if Client go Off Net,

i also tried to configure VPN Before Logon with this Setting but had also no luck.

Anyone who had similar expirience or could tell me what would be the right way to achive that with EMS?

Thank you