Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
lpi
New Contributor II

Created on ‎12-25-2023 12:26 AM

Forticlient invitation code on public IP

Hello,

EMS is behind the firewall but the invitation code is based on the internal FQDN.

How can I solve this ? Manual entries are not allowed.

KR

Laurent

Labels:
1230
4 REPLIES 4
ozkanaltas
Valued Contributor III

Created on ‎12-25-2023 12:31 AM Edited on ‎12-25-2023 12:33 AM

Hello @lpi ,

 

You can configure your public IP address or fqdn on EMS settings. After that, this invitation will be sent with a configured fqdn or IP. 

 

https://docs.fortinet.com/document/forticlient/7.2.3/ems-administration-guide/319002/configuring-ems...

 

 

image.png

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1222
marcoperson_250
New Contributor II
In response to ozkanaltas

Created on ‎12-25-2023 03:14 AM

Thank you for sharing valuable insight.

1180
0 Kudos
lpi
New Contributor II

Created on ‎12-25-2023 12:47 AM Edited on ‎12-25-2023 12:50 AM

Hello,

I am of course already using the FQDN but with the internal server resolution.

If I put the external FQDN, all internal traffic will be also routed back to this VIP address instead of the local internal address. Moreover port 443 is not allowed on that external VIP.

KR

Laurent

1215
0 Kudos
ebilcari
Staff
Staff
In response to lpi

Created on ‎12-25-2023 05:38 AM

You have to add an entry on the public DNS that resolves the FQDN of EMS to the public IP (VIP) you have configured in the firewall.

For the internal DNS you could configure the same FQDN to be resolved to the private IP address of the EMS.

port fwd.PNG

Since the initiation will contain the domain only, it will work for both clients in public and private network.

invite.PNG

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.
1167
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.