config endpoint-control fctems
Configure FortiClient Enterprise Management Server (EMS) entries.
config endpoint-control fctems Description: Configure FortiClient Enterprise Management Server (EMS) entries. edit <ems-id> set call-timeout {integer} set capabilities {option1}, {option2}, ... set dirty-reason [none|mismatched-ems-sn] set fortinetone-cloud-authentication [enable|disable] set https-port {integer} set interface {string} set interface-select-method [auto|sdwan|...] set name {string} set out-of-sync-threshold {integer} set preserve-ssl-session [enable|disable] set pull-avatars [enable|disable] set pull-malware-hash [enable|disable] set pull-sysinfo [enable|disable] set pull-tags [enable|disable] set pull-vulnerabilities [enable|disable] set send-tags-to-all-vdoms [enable|disable] set serial-number {string} set server {string} set source-ip {ipv4-address-any} set status [enable|disable] set tenant-id {string} set trust-ca-cn [enable|disable] set verifying-ca {string} set websocket-override [enable|disable] next end
config endpoint-control fctems
Parameter |
Description |
Type |
Size |
Default |
||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
call-timeout |
FortiClient EMS call timeout in seconds. |
integer |
Minimum value: 1 Maximum value: 180 |
30 |
||||||||||||||||||||
capabilities |
List of EMS capabilities. |
option |
- |
|
||||||||||||||||||||
|
|
|||||||||||||||||||||||
dirty-reason |
Dirty Reason for FortiClient EMS. |
option |
- |
none |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
ems-id |
EMS ID in order. |
integer |
Minimum value: 1 Maximum value: 7 |
0 |
||||||||||||||||||||
fortinetone-cloud-authentication |
Enable/disable authentication of FortiClient EMS Cloud through FortiCloud account. |
option |
- |
disable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
https-port |
FortiClient EMS HTTPS access port number. |
integer |
Minimum value: 1 Maximum value: 65535 |
443 |
||||||||||||||||||||
interface |
Specify outgoing interface to reach server. |
string |
Maximum length: 15 |
|
||||||||||||||||||||
interface-select-method |
Specify how to select outgoing interface to reach server. |
option |
- |
auto |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
name |
FortiClient Enterprise Management Server (EMS) name. |
string |
Maximum length: 35 |
|
||||||||||||||||||||
out-of-sync-threshold |
Outdated resource threshold in seconds. |
integer |
Minimum value: 10 Maximum value: 3600 |
180 |
||||||||||||||||||||
preserve-ssl-session |
Enable/disable preservation of EMS SSL session connection. Warning, most users should not touch this setting. |
option |
- |
disable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
pull-avatars |
Enable/disable pulling avatars from EMS. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
pull-malware-hash |
Enable/disable pulling FortiClient malware hash from EMS. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
pull-sysinfo |
Enable/disable pulling SysInfo from EMS. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
pull-tags |
Enable/disable pulling FortiClient user tags from EMS. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
pull-vulnerabilities |
Enable/disable pulling vulnerabilities from EMS. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
send-tags-to-all-vdoms |
Relax restrictions on tags to send all EMS tags to all VDOMs |
option |
- |
disable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
serial-number |
EMS Serial Number. |
string |
Maximum length: 16 |
|
||||||||||||||||||||
server |
FortiClient EMS FQDN or IPv4 address. |
string |
Maximum length: 255 |
|
||||||||||||||||||||
source-ip |
REST API call source IP. |
ipv4-address-any |
Not Specified |
0.0.0.0 |
||||||||||||||||||||
status |
Enable or disable this EMS configuration. |
option |
- |
disable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
tenant-id |
EMS Tenant ID. |
string |
Maximum length: 32 |
|
||||||||||||||||||||
trust-ca-cn |
Enable/disable trust of the EMS certificate issuer(CA) and common name(CN) for certificate auto-renewal. |
option |
- |
enable |
||||||||||||||||||||
|
|
|||||||||||||||||||||||
verifying-ca |
Lowest CA cert on Fortigate in verified EMS cert chain. |
string |
Maximum length: 79 |
|
||||||||||||||||||||
websocket-override |
Enable/disable override behavior for how this FortiGate unit connects to EMS using a WebSocket connection. |
option |
- |
disable |
||||||||||||||||||||
|
|