Fortinet white logo
Fortinet white logo

CLI Reference

system replacemsg ec

system replacemsg ec

The endpoint control (ec) replacement messages format the portal pages that the FortiGate unit sends to non-compliant users who attempt to use a firewall policy in which Endpoint control is enabled.

There are two Endpoint NAC portals:

  • Endpoint NAC Download Portal — The FortiGate unit sends this page if the Endpoint NAC profile has recommendation-disclaimer disabled. In the web-based manager, this is the Quarantine Hosts to User Portal (Enforce compliance) option. The user can download the FortiClient Endpoint Security application installer. If you modify this replacement message, be sure to retain the %%LINK%% tag which provides the download URL for the FortiClient installer.
  • Endpoint NAC Recommendation Portal — The FortiGate unit sends this page if the Endpoint NAC profile has recommendation-disclaimer enabled. In the web-based manager, this is the Notify Hosts to Install FortiClient (Warn only) option. The user can either download the FortiClient Endpoint Security application installer or select the Continue to link to access their desired destination. If you modify this replacement message, be sure to retain both the %%LINK%% tag which provides the download URL for the FortiClient installer and the %%DST_ADDR%% link that contains the URL that the user requested.

Message format is HTML by default.

config system replacemsg ec
    edit {msg-type}
    # Replacement messages.
        set msg-type {string}   Message type. size[28]
        set buffer {string}   Message string. size[32768]
        set header {none | http | 8bit}   Header flag.
                none  No header type.
                http  HTTP
                8bit  8 bit.
        set format {none | text | html | wml}   Format flag.
                none  No format type.
                text  Text format.
                html  HTML format.
                wml   WML format
    next
end

Additional information

The following section is for those options that require additional explanation.

buffer <message>

Type a new replacement message to replace the current replacement message. Maximum length 32,768 characters.

Replacement message tags

Replacement messages can include replacement message tags. When users receive the replacement message, the replacement message tag is replaced with content relevant to the message.

%%LINK%%

The download URL for the FortiClient installer.

%%DST_ADDR%%

The destination URL that the user entered. This is used in the endpt-recommendation-portal message only.

system replacemsg ec

system replacemsg ec

The endpoint control (ec) replacement messages format the portal pages that the FortiGate unit sends to non-compliant users who attempt to use a firewall policy in which Endpoint control is enabled.

There are two Endpoint NAC portals:

  • Endpoint NAC Download Portal — The FortiGate unit sends this page if the Endpoint NAC profile has recommendation-disclaimer disabled. In the web-based manager, this is the Quarantine Hosts to User Portal (Enforce compliance) option. The user can download the FortiClient Endpoint Security application installer. If you modify this replacement message, be sure to retain the %%LINK%% tag which provides the download URL for the FortiClient installer.
  • Endpoint NAC Recommendation Portal — The FortiGate unit sends this page if the Endpoint NAC profile has recommendation-disclaimer enabled. In the web-based manager, this is the Notify Hosts to Install FortiClient (Warn only) option. The user can either download the FortiClient Endpoint Security application installer or select the Continue to link to access their desired destination. If you modify this replacement message, be sure to retain both the %%LINK%% tag which provides the download URL for the FortiClient installer and the %%DST_ADDR%% link that contains the URL that the user requested.

Message format is HTML by default.

config system replacemsg ec
    edit {msg-type}
    # Replacement messages.
        set msg-type {string}   Message type. size[28]
        set buffer {string}   Message string. size[32768]
        set header {none | http | 8bit}   Header flag.
                none  No header type.
                http  HTTP
                8bit  8 bit.
        set format {none | text | html | wml}   Format flag.
                none  No format type.
                text  Text format.
                html  HTML format.
                wml   WML format
    next
end

Additional information

The following section is for those options that require additional explanation.

buffer <message>

Type a new replacement message to replace the current replacement message. Maximum length 32,768 characters.

Replacement message tags

Replacement messages can include replacement message tags. When users receive the replacement message, the replacement message tag is replaced with content relevant to the message.

%%LINK%%

The download URL for the FortiClient installer.

%%DST_ADDR%%

The destination URL that the user entered. This is used in the endpt-recommendation-portal message only.