Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY 26.1.40
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
All Products
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Web Application Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • Web Application / API Protection
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions
    • All Products

    Feature Release Notes

    Home FortiSASE Feature Release Notes

    Supported FortiClient 7.0.13 and 7.2.13 features

    Supported FortiClient 7.0.13 and 7.2.13 features

    This topic includes information on the following platforms:

    Windows

    The following table lists the FortiClient version 7.2.13 supported features for the Windows platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Diagnostic logs on-demand requests from FortiSASE
    Digital experience monitoring agent*
    FortiGuard Forensics Analysis*
    Access
    Autoconnect to FortiSASE using Microsoft Entra ID credentials
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Bypass FortiSASE using application-based split tunnel
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Configurable MTU on IPsec tunnel
    Endpoint profile assignment based on Microsoft Entra ID groups
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Network lockdown
    Pre-logon tunnel
    Show security posture tags on FortiClient
    Split DNS or DNS redirection
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    FSSO
    FortiClient SSO mobility agent
    Protection
    Antiransomware
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    Sandbox
    Sandboxing - on-premise and FortiSASE Cloud Sandbox
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    * Requires Advanced or Comprehensive subscription.

    macOS

    The following table lists the FortiClient version 7.2.13 supported features for the macOS platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Digital experience monitoring agent*
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Configurable MTU on IPsec tunnel
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Network lockdown
    Show security posture tags on FortiClient
    Split DNS or DNS redirection
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    FSSO
    FortiClient SSO mobility agent
    Protection
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control

    FortiClient (macOS) does not support rules. It only supports allow and block actions.

    FortiClient (macOS) does not support rules. It only supports allow and block actions.
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    Sandbox
    Sandboxing - on-premise and FortiSASE Cloud Sandbox
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    * Requires Advanced or Comprehensive subscription.

    Linux

    The following table lists the FortiClient version 7.0.13 supported features for the Linux platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Access
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    Show security posture tags on FortiClient
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel to FortiSASE
    Protection
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control

    FortiClient (Linux) does not support rules. It only supports allow and block actions.

    FortiClient (Linux) does not support rules. It only supports allow and block actions.
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    Android

    The following table lists the FortiClient version supported features for the Android platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature SSL VPN
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Endpoint telemetry
    External browser as user-agent for SAML login
    Force always on tunnel
    Show security posture tags on FortiClient
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    Sandbox
    Sandboxing (On-premise and FortiSASE Cloud Sandbox) On-premise only
    ZTNA
    Security posture tagging rules

    iOS

    The following table lists the FortiClient version supported features for the iOS platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature SSL VPN
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Endpoint telemetry
    External browser as user-agent for SAML login
    Force always on tunnel

    FortiClient (iOS) does not disable the VPN button instantly. You must navigate away from the VPN page to disable the VPN button.
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Show security posture tags on FortiClient
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    ZTNA
    Security posture tagging rules
    Previous
    Next

    Supported FortiClient 7.0.13 and 7.2.13 features

    Supported FortiClient 7.0.13 and 7.2.13 features

    This topic includes information on the following platforms:

    Windows

    The following table lists the FortiClient version 7.2.13 supported features for the Windows platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Diagnostic logs on-demand requests from FortiSASE
    Digital experience monitoring agent*
    FortiGuard Forensics Analysis*
    Access
    Autoconnect to FortiSASE using Microsoft Entra ID credentials
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Bypass FortiSASE using application-based split tunnel
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Configurable MTU on IPsec tunnel
    Endpoint profile assignment based on Microsoft Entra ID groups
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Network lockdown
    Pre-logon tunnel
    Show security posture tags on FortiClient
    Split DNS or DNS redirection
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    FSSO
    FortiClient SSO mobility agent
    Protection
    Antiransomware
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    Sandbox
    Sandboxing - on-premise and FortiSASE Cloud Sandbox
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    * Requires Advanced or Comprehensive subscription.

    macOS

    The following table lists the FortiClient version 7.2.13 supported features for the macOS platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Digital experience monitoring agent*
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Configurable MTU on IPsec tunnel
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Network lockdown
    Show security posture tags on FortiClient
    Split DNS or DNS redirection
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    FSSO
    FortiClient SSO mobility agent
    Protection
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control

    FortiClient (macOS) does not support rules. It only supports allow and block actions.

    FortiClient (macOS) does not support rules. It only supports allow and block actions.
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    Sandbox
    Sandboxing - on-premise and FortiSASE Cloud Sandbox
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    * Requires Advanced or Comprehensive subscription.

    Linux

    The following table lists the FortiClient version 7.0.13 supported features for the Linux platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature IPsec SSL VPN
    Access
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DNS server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via DHCP server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via local subnet
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via ping server
    Exempt endpoint from FortiSASE autoconnect when endpoint is on-net via public IP address
    Endpoint profile change notifications
    Endpoint telemetry
    Endpoint tunnel connectivity notifications
    Endpoint tunnel disconnection by disabling management connection from FortiSASE
    External browser as user-agent for SAML login
    Force always on tunnel
    Show security posture tags on FortiClient
    SSL tunnel connection remains active after endpoint has been idle
    SSL tunnel to FortiSASE
    Protection
    Next generation antivirus (AV) – real-time AV and cloud malware protection
    Removable media access control

    FortiClient (Linux) does not support rules. It only supports allow and block actions.

    FortiClient (Linux) does not support rules. It only supports allow and block actions.
    Removable media access control – notify endpoint of blocks
    Vulnerability scan
    Vulnerability scan - event-based scan
    ZTNA
    Security posture tagging rules
    ZTNA remote access

    Android

    The following table lists the FortiClient version supported features for the Android platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature SSL VPN
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Endpoint telemetry
    External browser as user-agent for SAML login
    Force always on tunnel
    Show security posture tags on FortiClient
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    Sandbox
    Sandboxing (On-premise and FortiSASE Cloud Sandbox) On-premise only
    ZTNA
    Security posture tagging rules

    iOS

    The following table lists the FortiClient version supported features for the iOS platform for IPsec and SSL VPN tunneling. Likewise, the table lists feature support by the FortiSASE portal:

    Feature SSL VPN
    Access
    Autoconnect to FortiSASE using SAML single sign on (SSO)
    Endpoint telemetry
    External browser as user-agent for SAML login
    Force always on tunnel

    FortiClient (iOS) does not disable the VPN button instantly. You must navigate away from the VPN page to disable the VPN button.
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and SAML
    IPsec VPN to FortiSASE using IKEv2, Preshared Key, and Local user
    Show security posture tags on FortiClient
    SSL tunnel support for DTLS
    SSL tunnel to FortiSASE
    ZTNA
    Security posture tagging rules
    Previous
    Next