Fortinet white logo
Fortinet white logo

XML Reference Guide

Roaming FortiGate example

Roaming FortiGate example

In the example below, Research Lab and Fortinet appear in the FortiClient console. FortiClient attempts to connect silently to one of the IPs in Research Lab first. If both fail (because the laptop is not in the lab), the client attempts to connect to Fortinet.

Because Fortinet uses a FQDN, the actual FortiGate the client attempts to connect to may vary because of DNS settings.

<forticlient_configuration>

<endpoint_control>

<disable_unregister>1</disable_unregister>

<silent_registration>1</silent_registration>

<fortigates>

<fortigate>

<name>Research Lab</name>

<addresses>10.10.10.1:9090;10.10.10.2:9090</addresses>

<registration_password>33333333</registration_password>

</fortigate>

<fortigate>

<name>Fortinet</name>

<addresses>fgt.fortinet.com:8002</addresses>

<registration_password>22222222</registration_password>

</fortigate>

</fortigates>

</endpoint_control>

</forticlient_configuration>

The following elements are set by the FortiGate. FortiClient reads them and imports into its configuration when received from the FortiGate. If modified by the user locally on the Windows system, FortiClient ignores the changes.

<disable_unregister>

<ui>

For the other elements that could be modified locally, If the same element is received from the FortiGate, the existing value is overwritten.

The following elements affect Endpoint Control.

Enable antivirus real-time protection.

<forticlient_configuration>

<antivirus>

<real_time_protection>

<enabled>1</enabled>

<real_time_protection>

</antivirus>

</forticlient_configuration>

Other services that may be configured from the FortiGate usually use the full set of configuration elements available to them, as described in the various sections of this document. These include the following:

<forticlient_configuration>

<system>

<update>

</update>

<log_settings>

</log_settings>

</system>

<vpn>

</vpn>

<firewall>

</firewall>

<webfilter>

</webfilter>

<vulnerability_scan>

</vulnerability_scan>

</forticlient_configuration>

Roaming FortiGate example

Roaming FortiGate example

In the example below, Research Lab and Fortinet appear in the FortiClient console. FortiClient attempts to connect silently to one of the IPs in Research Lab first. If both fail (because the laptop is not in the lab), the client attempts to connect to Fortinet.

Because Fortinet uses a FQDN, the actual FortiGate the client attempts to connect to may vary because of DNS settings.

<forticlient_configuration>

<endpoint_control>

<disable_unregister>1</disable_unregister>

<silent_registration>1</silent_registration>

<fortigates>

<fortigate>

<name>Research Lab</name>

<addresses>10.10.10.1:9090;10.10.10.2:9090</addresses>

<registration_password>33333333</registration_password>

</fortigate>

<fortigate>

<name>Fortinet</name>

<addresses>fgt.fortinet.com:8002</addresses>

<registration_password>22222222</registration_password>

</fortigate>

</fortigates>

</endpoint_control>

</forticlient_configuration>

The following elements are set by the FortiGate. FortiClient reads them and imports into its configuration when received from the FortiGate. If modified by the user locally on the Windows system, FortiClient ignores the changes.

<disable_unregister>

<ui>

For the other elements that could be modified locally, If the same element is received from the FortiGate, the existing value is overwritten.

The following elements affect Endpoint Control.

Enable antivirus real-time protection.

<forticlient_configuration>

<antivirus>

<real_time_protection>

<enabled>1</enabled>

<real_time_protection>

</antivirus>

</forticlient_configuration>

Other services that may be configured from the FortiGate usually use the full set of configuration elements available to them, as described in the various sections of this document. These include the following:

<forticlient_configuration>

<system>

<update>

</update>

<log_settings>

</log_settings>

</system>

<vpn>

</vpn>

<firewall>

</firewall>

<webfilter>

</webfilter>

<vulnerability_scan>

</vulnerability_scan>

</forticlient_configuration>