If your FortiClient is installed on a domain-joined endpoint and your administrator followed the instructions in Preparing the AD server for deployment, you can use the following CLI command to verify the SMB and RPC services are bound to ports 445 and 135, respectively:
netstat -ano | find “<port number>”
a: displays all connections and listening ports
n: displays addresses and port numbers in numerical form
o: displays process ID (PID) associated with each connection
The following shows that Windows is listening to port TCP/135 and TCP/445 on a particular interface: 0.0.0.0 in this case. The PIDs are 768 and 4.
You can confirm the process by finding the returned PIDs on the Task Manager Details tab.
You can also use this command on the EMS server. See the FortiClient EMS Administration Guide.
In addition to the services running correctly, there must be connectivity between EMS and the endpoint. This section defines connectivity as a route and traffic on a given port. You can use Command Prompt and the built-in Telnet application to verify this. Ensure that Telnet is enabled on your device by going to Control Panel > Turn Windows features on or off, and ensuring that the Telnet Client checkbox is selected. In this example, 192.168.1.200 is the EMS server IP address, and 8013 is the port that is being checked:
telnet 192.168.1.200 8013
If the command is successful, Command Prompt returns _. Since the service on 8013 is not Telnet, this is the expected result.
If the command is unsuccessful, Command Prompt returns a warning that the connection could not be opened.