I have this setup, where EMS is not published and the off-net profile is restricting malicious and security risk contents. Will the Forticlient be able to do restrictions with the configured EMS Profile if the EMS is not reachable. This also refers when the VPN is not connected.
FortiClient #ForticlientEMS
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
that is correct. To determine status you need to be connected to EMS however FCT features will remain working. So if you have different profile for offnet and for onnet only the last received will be applied as there is no option to determine new status in your case...
Pavol
Yes, FCT will work as per last received config from EMS, please note there is no option to sync config changes if FCT is not connected to ems.
does this help ?
Thanks
Pavol
So no need of having EMS Published ?
KB Says as follows !
Endpoints must connect FortiClient Telemetry to EMS and FortiGate for FortiClient to use an on-net, off-net, or offline status.
When FortiClient connects Telemetry to EMS, FortiClient determines whether the endpoint has an on-net or off-net status.
that is correct. To determine status you need to be connected to EMS however FCT features will remain working. So if you have different profile for offnet and for onnet only the last received will be applied as there is no option to determine new status in your case...
Pavol
Hello,
My Forticlient has the status: unreachable. I deactivated disconnecting (not even with password). Since Forticlient cant communicate with EMS (i even unregistered the endpoint device and it keeps blocking) i cant change any settings because it wont "sync " the config with Forticlient and have no possibility to disconnect. Is there like a expire day, where it just auto disconnects because it didnt reach EMS for a specific time or is there any way to fix this ?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1712 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.