Fortinet black logo

Use Cases

Home FortiClient 6.0.3 Use Cases

Creating a gateway list

6.0.3
6.0.3
Copy Link
Copy Doc ID 071aa83e-d7c4-11e8-8784-00505692583a:963655
Download PDF

Creating a gateway list

First, you must create a gateway list in EMS that contains the IP address of a FortiGate that belongs to the Security Fabric. Gateway lists facilitate FortiClient Telemetry connection between FortiClient and the FortiGate. The gateway list is used to specify what IP addresses or fully qualified domain names (FQDN) and ports endpoints can use to connect FortiClient Telemetry to FortiGate, EMS, or FortiGate and EMS.

You can create a gateway list that contains IP addresses for multiple FortiGate units. FortiClient searches for IP addresses in its subnet in the gateway IP list and connects to the FortiGate in the list that is in the same subnet as the host system.

If FortiClient cannot find any FortiGates in its subnet, it attempts to connect to the first reachable FortiGate in the list, starting from the top. The order of the list is maintained as it was configured in the gateway list.

In this example, we will configure a gateway list to facilitate connection between FortiClient and a FortiGate, which has an IP address of 10.0.4.104.

  1. Go to Gateway Lists > Manage Gateway Lists.
  2. Click the Add button.
  3. Configure the following:

    Name

    Enter the list name. It is recommended to use an easily identifiable name. In this example, the name given is QA_FGT_600, indicating that the FortiGate is running FortiOS 6.0.0 and is used to manage endpoints belonging to employees from the QA organization.

    Comment

    Enter additional comments. This is optional.

    IP addresses/Hostnames

    Enter the IP address(es) or hostname(s) of the FortiGate devices. You can also use an FQDN. In this example, the FortiGate's IP address is 10.0.4.104.

    Press the Enter key to add additional IP addresses.

    Connect to local subnets only

    Enable to only allow connection to local subnets. This is optional and has not been enabled in this example.

    Use connection key

    Enable the connection key endpoints can use to connect to FortiGate units. This is optional and has not been enabled in this example.

    Managed by EMS

    Select an option from the dropdown list. Users can configure this IP address in System Settings > Server. Endpoints will be managed by this EMS.

  4. Click Save.
Previous
Next

Creating a gateway list

First, you must create a gateway list in EMS that contains the IP address of a FortiGate that belongs to the Security Fabric. Gateway lists facilitate FortiClient Telemetry connection between FortiClient and the FortiGate. The gateway list is used to specify what IP addresses or fully qualified domain names (FQDN) and ports endpoints can use to connect FortiClient Telemetry to FortiGate, EMS, or FortiGate and EMS.

You can create a gateway list that contains IP addresses for multiple FortiGate units. FortiClient searches for IP addresses in its subnet in the gateway IP list and connects to the FortiGate in the list that is in the same subnet as the host system.

If FortiClient cannot find any FortiGates in its subnet, it attempts to connect to the first reachable FortiGate in the list, starting from the top. The order of the list is maintained as it was configured in the gateway list.

In this example, we will configure a gateway list to facilitate connection between FortiClient and a FortiGate, which has an IP address of 10.0.4.104.

  1. Go to Gateway Lists > Manage Gateway Lists.
  2. Click the Add button.
  3. Configure the following:

    Name

    Enter the list name. It is recommended to use an easily identifiable name. In this example, the name given is QA_FGT_600, indicating that the FortiGate is running FortiOS 6.0.0 and is used to manage endpoints belonging to employees from the QA organization.

    Comment

    Enter additional comments. This is optional.

    IP addresses/Hostnames

    Enter the IP address(es) or hostname(s) of the FortiGate devices. You can also use an FQDN. In this example, the FortiGate's IP address is 10.0.4.104.

    Press the Enter key to add additional IP addresses.

    Connect to local subnets only

    Enable to only allow connection to local subnets. This is optional and has not been enabled in this example.

    Use connection key

    Enable the connection key endpoints can use to connect to FortiGate units. This is optional and has not been enabled in this example.

    Managed by EMS

    Select an option from the dropdown list. Users can configure this IP address in System Settings > Server. Endpoints will be managed by this EMS.

  4. Click Save.
Previous
Next