Hi,
I am trying to implement FortiClient Telemetry for remote users, they are connecting via SSL tunnel mode
In SSL-VPN Setting I have set "Allow Endpoint Registration"
I have also configured the ssl.root interface via cli with the following:
set fortiheartbeat enable set endpoint-compliance enable
I've configured the default FortiClient Compliance Profile to block clients that don't meet the requirement, but users can still connect as they were before and these polices are not being applied,
I also cannot register with security fabric from the forticlient, I receive the error "FortiGate or FortiClient Enterprise Management Server (EMS) was not found"
Ideally I need to force these remote users to register to Security Fabric and have the policies applied automatically
Can anybody tell me what I am missing?
Many Thanks
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
I know this post is half a year old now but just to say that it should work with set fortiheartbeat enable as you rightly say. The only other thing is that it might be a good idea to change the default ssl.root 169. interface IP to something else.
At least it works with 5.6.9 and fct 6.0.5
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1705 | |
1093 | |
752 | |
446 | |
230 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.