By default, the FortiClient will start up automatically when starting macOS. This may not always be desirable but fortunately, auto-start can be disabled quite easily.
The FortiClient launch agent is located at /Library/LaunchAgents/com.fortinet.forticlient.fct_launcher.plist. Use any text editor to open and edit this file, but you probably will need to do this using Terminal and using sudo to launch a text-based text editor (e.g. vi or nano).
With the file open, look for these lines:
<key>RunAtLoad</key> <true/>
Change true to false and save the file. Note that updates to the FortiClient may overwrite the change.
Currently, it is not possible to configure the DNS suffix (search domain) for SSL VPN and IPSEC tunnels through the GUI, but it can be configured using the CLI.
For SSLVPN:
config vpn ssl settings set dns-suffix example.com example.org end
For IPSEC:
config vpn ipsec phase1-interface set domain example.com end
Changes are effective immediately. After configuring the setting, users will be able to resolve names using single names instead of FQDN.
A note of caution: when installing the Fortinet SSO Agent on a server, the option to secure connections from a FortiGate with a password is enabled by default, and a random password is assigned.
You have to turn off or change the password before you add the SSO agent in your Fortigate.
There's no mention of this in the manuals, so now you know...
« ‹ | December 2024 | › » | ||||
Sun | Mon | Tue | Wed | Thu | Fri | Sat |
1 | 2 | 3 | 4 | 5 | 6 | 7 |
8 | 9 | 10 | 11 | 12 | 13 | 14 |
15 | 16 | 17 | 18 | 19 | 20 | 21 |
22 | 23 | 24 | 25 | 26 | 27 | 28 |
29 | 30 | 31 |