| Description | This article describes how to to address issues related to the EMS side of the new FortiClient Installer creation and signature updates. |
| Scope |
FortiClient EMS, FortiClient Windows, FortiClient Linux, FortiClient MacOS. |
| Solution |
First, make sure to allow the following domains on the FortiGate side.
forticlient.fortinet.net, TCP port 80 myforticlient.fortinet.net, TCP port 80 fctupdate.fortinet.net, TCP port 443
See Required services and ports - FortiClient EMS administration guide. SSL Inspection should be assigned 'no-inspection' to the above addresses.
To verify further, access the Windows server where EMS is installed, run the command prompt as admin, and execute the commands below:
The results will show if problems occurred while connecting to the above addresses.
Secondly, If allowed traffic was allowed to those domains, change FortiGuard servers with Global/US/Europe and try again. To do so,
Go to EMS -> System Settings -> FortiGuard Services.
Lastly, check if the 'Enable SSL' option under EMS -> System Settings -> FortiGuard Services is enabled, then check again by disabling it.
If the issue improves after turning off the Enable SSL option, to restore the functionality of the Enable SSL option, raise a new ticket to the TAC team. |
