FortiClient Telemetry Connection

FortiClient Telemetry Connection

In managed mode, FortiClient uses a gateway IP address to connect FortiClient Telemetry to FortiGate or FortiClient EMS. For more information, see Telemetry Gateway IP Lists on page 31.

How FortiClient locates FortiGate/EMS

FortiClient uses the following methods in the following order to automatically locate FortiGate/EMS for Telemetry connection:

  • Telemetry Gateway IP List

FortiClient Telemetry searches for IP addresses in its subnet in the Gateway IP list. It connects to the FortiGate in the list that is also in the same subnet as the host system.

If FortiClient cannot find any FortiGates in its subnet, it will attempt to connect to the first reachable FortiGate in the list, starting from the top. The order of the list is maintained as it was configured in the Gateway IP list.

  • Remembered gateway IP list

You can configure FortiClient to remember gateway IP addresses when you connect Telemetry to

FortiGate/EMS. Later FortiClient can use the remembered IP addresses to automatically connect Telemetry to FortiGate/EMS.

  • Default gateway IP address

The default gateway IP address is specified on the FortiClient endpoint and is used to automatically connect to FortiGate. This method does not support connection to EMS.

FortiClient obtains the default gateway IP address from the operating system on the endpoint device. The default gateway IP address of the endpoint device should be the IP address for the FortiGate interface with Telemetry enabled.

If FortiClient is unable to automatically locate a FortiGate/EMS on the network for Telemetry connection, you can use the following methods to manually connect Telemetry to FortiGate/EMS: l Type the gateway IP address of FortiGate/EMS. See Connect FortiClient Telemetry manually on page 54.

FortiClient uses the same process to connect Telemetry to FortiGate/EMS after the FortiClient endpoint reboots, rejoins the network, or encounters a network change.

Telemetry Connection                                  Connect FortiClient Telemetry after installation

Connect FortiClient Telemetry after installation

After FortiClient software installation completes on an endpoint, FortiClient automatically launches and searches for a FortiGate or FortiClient EMS for FortiClient Telemetry connection. See also How FortiClient locates FortiGate/EMS on page 51.

When FortiClient locates a FortiGate or EMS, the FortiGate Detected or Enterprise Management Server (EMS) Detected dialog box is displayed.

The following options are availble:

Endpoint User Displays the name of the endpoint user that is logged into the endpoint device.
Logged into Domain Displays the name of domain if applicable.
Hostname Displays the name of the endpoint device.
Profile Details Click to display details of the profile that FortiClient will download after you accept connection to FortiGate/EMS. See also FortiClient profiles on page 29.
Remember this FortiGate Select for FortiClient to remember the gateway IP address of the

FortiGate/EMS to which you are connecting Telemetry. See also Remember gateway IP addresses on page 52.

Click Accept to connect FortiClient Telemetry to the identified FortiGate/EMS. Alternately, you can click Cancel to launch FortiClient software without connecting FortiClient Telemetry. FortiClient launches in standalone mode. You can manually connect FortiClient Telemetry later.

After FortiClient Telemetry is connected to FortiGate or EMS, FortiClient downloads a profile from FortiGate/EMS. A system tray bubble message will be displayed once the profile download is complete.

Remember gateway IP addresses

When you confirm Telemetry connection to a FortiGate/EMS, you can instruct FortiClient to remember the gateway IP address of the FortiGate/EMS. If a connection key is required, FortiClient remembers the connection password too. FortiClient can remember up to 20 gateway IP addresses for FortiGate/EMS. 52

Remember gateway IP addresses                                                           FortiClient Telemetry Connection

The remembered IP addresses display in the Local Gateway IP list. FortiClient can use the remembered gateway IP addresses to automatically connect to FortiGate/EMS.

See also Forget gateway IP addresses on page 60.

To remember FortiGate/EMS:

  1. In the FortiGate/EMS Detected dialog box, select the Rememberthis FortiGate or Rememberthis EMS (not shown) check box.
  2. Click Accept.

FortiClient remembers the IP address and password, if applicable.


Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!

This entry was posted in FortiClient and tagged , , on by .

About Mike

Michael Pruett, CISSP has a wide range of cyber-security and network engineering expertise. The plethora of vendors that resell hardware but have zero engineering knowledge resulting in the wrong hardware or configuration being deployed is a major pet peeve of Michael's. This site was started in an effort to spread information while providing the option of quality consulting services at a much lower price than Fortinet Professional Services. Owns PacketLlama.Com (Fortinet Hardware Sales) and Office Of The CISO, LLC (Cybersecurity consulting firm).

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.