Fortinet black logo

CLI Reference

Home FortiWeb 7.2.1 CLI Reference
7.2.1
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.8
7.0.7
7.0.6
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.3
6.4.2
6.4.1
6.4.0
6.3.23
6.3.19
6.3.18
6.3.17
6.3.16
6.3.15
6.3.14
6.3.13
6.3.11
6.3.10
6.3.9
6.3.7
6.3.6
6.3.5
6.3.4
6.3.3
6.3.2
6.3.1
6.3.0
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.2.0
6.1.2
6.1.1
5.7.0
5.6.1
5.6.0

system endpoint-control

system endpoint-control

Use this command to set a FortiClient EMS connector.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system endpoint-control fctems

edit <ems_connector_name>

set server <IP_address>

set https-port <port>

set server-verification {enable | disable}

set ca-cert <cert_name>

set source-ip <IP_address>

set call-timeout <int>

set preserve-ssl-session {enable | disable}

set fingerprint <fingerprint>

set EMS_SN <EMS_EN>

next

end

Variable Description Default

<ems_connector_name>

 Enter the name of the EMS connector. No default.

server <IP_address>

 Enter the EMS server IP address. No default.

https-port <port>

Enter the HTTPS access port number.

443

server-verification {enable | disable}

Enable this option to verify the FortiClient EMS certificate that is used for the HTTPS connection between FortiWeb and FortiClient EMS.

disable

ca-cert <cert_name>

Select the certificate for verifying FortiClient EMS server certificate that is used for the connection between FortiWeb and FortiClient EMS.

No default.

source-ip <IP_address>

Enter the allowed source IP addresses of the API calls.

0.0.0.0

call-timeout <int>

Enter the timeout value for the API calls from FortiWeb to EMS server.

15

preserve-ssl-session {enable | disable}

Enable/disable preservation of EMS SSL session connection.

disable

fingerprint <fingerprint>

Enter the EMS server fingerprint.

automatically populated once EMS is verified.

EMS_SN <EMS_EN>

Enter the EMS server serial number.

automatically populated once EMS is verified.
It's highly recommended not to change the default value of the variables except <ems_connector_name>, server <IP_address>, and https-port <port>.

Related topics

Previous
Next

system endpoint-control

Use this command to set a FortiClient EMS connector.

To use this command, your administrator account’s access control profile must have either w or rw permission to the sysgrp area. For details, see Permissions.

Syntax

config system endpoint-control fctems

edit <ems_connector_name>

set server <IP_address>

set https-port <port>

set server-verification {enable | disable}

set ca-cert <cert_name>

set source-ip <IP_address>

set call-timeout <int>

set preserve-ssl-session {enable | disable}

set fingerprint <fingerprint>

set EMS_SN <EMS_EN>

next

end

Variable Description Default

<ems_connector_name>

 Enter the name of the EMS connector. No default.

server <IP_address>

 Enter the EMS server IP address. No default.

https-port <port>

Enter the HTTPS access port number.

443

server-verification {enable | disable}

Enable this option to verify the FortiClient EMS certificate that is used for the HTTPS connection between FortiWeb and FortiClient EMS.

disable

ca-cert <cert_name>

Select the certificate for verifying FortiClient EMS server certificate that is used for the connection between FortiWeb and FortiClient EMS.

No default.

source-ip <IP_address>

Enter the allowed source IP addresses of the API calls.

0.0.0.0

call-timeout <int>

Enter the timeout value for the API calls from FortiWeb to EMS server.

15

preserve-ssl-session {enable | disable}

Enable/disable preservation of EMS SSL session connection.

disable

fingerprint <fingerprint>

Enter the EMS server fingerprint.

automatically populated once EMS is verified.

EMS_SN <EMS_EN>

Enter the EMS server serial number.

automatically populated once EMS is verified.
It's highly recommended not to change the default value of the variables except <ems_connector_name>, server <IP_address>, and https-port <port>.

Related topics

Previous
Next