Tag Archives: forticlient guide

Custom FortiClient Installations

Custom FortiClient Installations

The FortiClient Configurator tool is the recommended method of creating customized FortiClient installation files.

You can also customize which modules are displayed in the FortiClient dashboard in the FortiClient profile. This will allow you to activate any of the modules at a later date without needing to re-install FortiClient. Any changes made to the FortiClient profile are pushed to connected clients.

When creating VPN only installation files, you cannot enable other modules in the FortiClient profile as only the VPN module is installed.

When deploying a custom FortiClient XML configuration, use the advanced profile options in FortiClient EMS to ensure the profile settings do not overwrite your custom XML settings. For more information, see the FortiClient XML Reference and the FortiClient EMS Administration Guide.

The FortiClient Configurator tool is included with the FortiClient Tools file in FortiClient 5.4.1. This file is only available on the Customer Service & Support portal and is located in the same file directory as the FortiClient images.

The Configurator tool requires activation with a license file. Ensure that you have completed the following steps prior to logging in to your FortiCare product web portal:

  • Purchased FortiClient Registration License l Activated the FortiClient license on a FortiGate

This video explains how to purchase and apply a FortiClient License: http://www.youtube.com/watch?feature=player_embedded&v=sIkWaUXK0Ok This chapter contains the following sections:

  • Download the license file on page 110 l Prepare configuration files on page 111 l Create a custom installer on page 113 l Custom installation packages on page 120 l Advanced FortiClient profiles on page 121

Download the license file

To retrieve your license file:

  1. Go to https://support.fortinet.com and log in to your FortiCare account.
  2. Under Asset select Manage/View Products. Select the FortiGate device that has the FortiClient registration license activated. You will see the Get the Key File link in the Available Key(s) 110

 

Prepare configuration files

  1. Click the link and download license file to your management computer. This file will be needed each time you use the FortiClient Configurator tool.

Application Firewall

Application Firewall

FortiClient can recognize the traffic generated by a large number of applications. You can create rules to block or allow this traffic per category, or application.

Enable/disable Application Firewall

The administrator enables the application firewall feature by using a FortiClient profile. The FortiClient profile includes the application firewall configuration.

The FortiClient Endpoint Control feature enables the site administrator to distribute an Application Control sensor from FortiGate/EMS.

On the FortiGate, the process is as follows:

l Create an Application Sensor and Application Filter on the FortiGate, l Add the Application Sensor to the FortiClient Profile on the FortiGate.

On EMS, the application firewall is part of the endpoint profile.

For more information on configuring application control security profiles, see the FortiOS Handbook -The Complete Guide to FortiOS available in the Fortinet Document Library.

View application firewall profiles

To view the application firewall profile, select Show all.

Application Firewall                                                                                                 View blocked applications

View blocked applications

To view blocked applications, select the Applications Blocked link in the FortiClient console. This page lists all applications blocked in the past seven days, including the count and time of last occurrence.