Patch My PC Feature and Application Request

A community where customers and the community can provide feedback to make a better product for everyone! For more details on how we prioritize request, please see:

198 Vote

FortiClient VPN

We would like to see the FortiClient VPN application added to the list of applications to be updated.

  • Jeffrey Carroll
  • Jul 1 2019
  • SHIPPED
  • Attach files
  • Matt Hall commented
    8 Jun 03:04am

    Basically the msi /x of the current version strips out the registry keys and wipes the profile info on uninstall. I assum PMPC does a uninstall / install thus the keys go. As per everyone else FortiNet would basically say use the Paid client....

    I added a post install .bat and some reg keys:

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "Description" /t REG_SZ /d "Company VPN"

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "Server" /t REG_SZ /d "serveraddress:port"

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "DATA1" /t REG_SZ /d ""

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "promptusername" /t REG_DWORD /d 1

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "promptcertificate" /t REG_DWORD /d 0

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "DATA3" /t REG_SZ /d ""

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "ServerCert" /t REG_SZ /d "1"

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "sso_enabled" /t REG_DWORD /d 0

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "use_external_browser" /t REG_DWORD /d 0

    REG ADD "HKLM\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\Company VPN" /v "dual_stack" /t REG_DWORD /d 0

  • Chris commented
    7 Jun 03:59pm

    I have also seen where it wipes the vpn config on update. It also occurs when the update is manually run. We used a powershell script in intune running at boot to get around this. I tried cracking the MSI open in Orca but could not find a way to specify these parameters at install of the update. Ideally, that is what we should be able to do or a silent switch to enter those parameters but I think Forti doesn't provide this just to force you to buy the paid version of the VPN client. I also tried running the powershell script as a post script in PMPC but it requires elevating or changing the execution policy on the local machines. Would love to find a workaround for this as well to make the update process less painful.

  • Admin
    Scott McAllister commented
    7 Jun 03:52pm

    Hi @Allen Olsen

    I suspect this is an issue specifically with the FortiClient VPN installer itself, as all PatchMyPC-ScriptRunner does is run the installer for FortiClient VPN.

    I'd be keen to know if you see the same behaviour if you manually run the installer for the new version of the FortiClient VPN on a device running a configured older version.

    Additionally, I'd be keen to see the client side logs generated by the FortiClient VPN installer if you have the Manage Installation Logging option enabled for that product in the Publisher.

    If you can test that, and grab those logs and send them to scott@patchmypc.com that'd be fantastic :)

  • Allan Olsen commented
    7 Jun 03:44pm

    Hi, thanks for support FortiClient..

    But due to the issue with the Sites config getting wiped, I have disabled the package from Auto-Publishing updates.


    Do we have a solution for this, or is this a general issue with FortiClient VPN?

  • Pawel Jarosz commented
    12 May 07:15am

    Refreshing: Will FortiClient EMS be installable in that way?

  • Paul Graeber commented
    3 May 11:00pm

    @Matt Hall. We found the same thing in our environment updating to 7.0.3 and we had done this with SCCM, not PatchMyPC.


    Was quite annoying. We add the VPN settings via GPO, but I also emailed all staff as we have a number of people that would be working from home when it updated. Went pretty smoothly except for the obvious people who don't read emails from Helpdesk.


    I guess you could have a post install script that applies a registry file and that should do the job?

  • Admin
    Scott McAllister commented
    3 May 10:19pm

    Hey Matt, If you're having issues please reach out to support@patchmypc.com

  • Matt Hall commented
    3 May 10:07pm

    Got it working but noticed it wipes your VPN settings / config on updating. Any workaround for that? or just a crappy MSI from FortiNet?

  • Chris commented
    7 Apr 02:44pm

    This appears to be working fine for us for the free version.

  • Admin
    Adam Cook commented
    7 Apr 07:28am

    If you're having issues with this, definitely reach out to us support@patchmypc.com

  • Sebastien Crepeault commented
    6 Apr 06:33pm

    Has anyone been able to successfully deploy this?

  • Pawel Jarosz commented
    4 Apr 05:56am

    Will FortiClient EMS be installable in that way?

  • Chris commented
    23 Mar 08:52pm

    FortiClient VPN 7.0.3.0193 (MSI-x64) 3/23/2022 12:47:43 PM 0 bytes
    An web error occurred while downloading the file: UnknownError An exception occurred during a WebClient request.

    Chris Moore��� | Systems Administrator | Rather Outdoors Corporation
    Tel: (803) 830-5978
    Email: cmoore@ratheroutdoors.com
    Service Desk:
    North America: (803) 324���6669 |
    UK: +44 1277 285118 | EU/China: +32 33040180
    [https://asset.productmarketingcloud.com/api/assetstorage/1612_457d1d3b-24e7-4e9e-994d-77152608da6c/Original/globalsig-upload2.jpg]

  • Chris commented
    23 Mar 08:45pm

    Hey Simon,

    I see I am missing the Forticlient intune app as well though other new ones I pushed are there as well. I am not as sharp on the logs anymore to tell you why mine failed but assume it's a similar issue. Noticing the same thing with GlobalProtect but that may be due to it requiring an msi file in the app folder similar to Forti.

    Chris Moore? | Systems Administrator | Rather Outdoors Corporation
    Tel: (803) 830-5978
    Email: cmoore@ratheroutdoors.com
    Service Desk:
    North America: (803) 324-6669 |
    UK: +44 1277 285118 | EU/China: +32 33040180
    [https://asset.productmarketingcloud.com/api/assetstorage/1612_457d1d3b-24e7-4e9e-994d-77152608da6c/Original/globalsig-upload2.jpg]

  • Admin
    Adam Cook commented
    23 Mar 08:38pm

    Hey Simon, can you ping over a copy of PatchMyPC.log to support@patchmypc.com please?

  • Simon M commented
    23 Mar 07:16pm

    Has anyone been able to successfully deploy this?

    I've extracted the MSI and put it in the content directory and it's failed in creating the MSI Intune app because the latest download of Forticlient VPN free version is 7.0.2.009. The paid version is 7.0.3.0193 which it seems it's looking for.

    Please advise.

  • Chris commented
    22 Mar 05:11pm

    Woohoo!

    Chris Moore? | Systems Administrator | Rather Outdoors Corporation
    Tel: (803) 830-5978
    Email: cmoore@ratheroutdoors.com
    Service Desk:
    North America: (803) 324-6669 |
    UK: +44 1277 285118 | EU/China: +32 33040180
    [https://asset.productmarketingcloud.com/api/assetstorage/1612_457d1d3b-24e7-4e9e-994d-77152608da6c/Original/globalsig-upload2.jpg]

  • Admin
    Scott McAllister commented
    22 Mar 03:54pm

    Hey everyone!

    Sorry for the spam. All going well, the MSI/Free version of the Forticlient VPN should be in todays catalogue release. Please review this KB article before enabling this product in the Publisher - https://patchmypc.com/forticlientvpnmsi

  • Simon M commented
    21 Mar 04:59pm

    Excellent thanks Scott, will be a great help

  • Admin
    Scott McAllister commented
    21 Mar 04:57pm

    Hey everyone. Please be aware that in order to accommodate the MSI/Free version of the Forticlient VPN we will be making a change to the EXE/Paid version in our catalog.

    The name of the product will change from "Forticlient VPN" to "Forticlient VPN (EXE-x64)".

    This change will be live in todays catalog release. If you have this product selected currently, it will be deselected when the name change is pulled down meaning you will need to reselect the product in your Publisher installation.


    The MSI/Free version of the Forticlient VPN should be available in the catalog later this week.



  • Load older comments
  • +102