FortiClient on macOS Catalina (version 10.15)

IPsec VPN with native Mac OS X client. In this recipe, you will learn how to create an IPsec VPN on a FortiGate, and connect to it using the default Mac OS X client. This configuration allows Mac users to securely access an internal network and browse the Internet through the VPN tunnel. FortiClient is an integral part of Fortinet Security Fabric. It connects endpoints with Security Fabric and delivers endpoint visibility, compliance control, vulnerability management and automation.

Fortinet Vpn Client

FortiClient EMS helps centrally manage, monitor, provision, patch, quarantine, dynamically categorize and provide deep real-time endpoint visibility. Manage Windows, Mac, Linux, iOS, Android and Chromebook endpoints. Real-time Endpoint visibility & control. Vulnerability Management. Endpoint Security Compliance. FortiClient Blocks 100 Percent Malware in NSS Labs 2019 Advanced Endpoint Test. In this year’s test, which included 19 endpoint security vendors, Fortinet’s FortiClient demonstrated a 100% block rate of exploits, unknown threats and HTTP malware, with zero false positives. It also demonstrated high effectiveness in detecting malicious malware across multiple vectors, including email, web, and USB.

You can install FortiClient (macOS)6.2.3 on macOS 10.15 Catalina, which Apple released in early October 2019. With this macOS release, however, the antivirus (AV) features in FortiClient will work properly only when you grant permissions to access the full disk in the Security & Privacy pane for the following services:

• fcaptmon
• fctservctl
• fmon
• FortiClient

FortiClient Web Filter

The FortiClient (macOS) Web Filter feature works properly only when you allow system software from Fortinet to load in Security & Privacy settings. Go to System Preferences > Security & Privacy and click the Allow button beside System software from developer 'Fortinet, Inc' was blocked from loading. You must have administrator credentials for the macOS machine to configure this change.

A client of mine stumbled across this issue and after some digging it appears to be fairly common. In my experience, FortiClient tends to have more issues with Mac OS in general. For this particular problem though I have had success by rolling back the FortiClient. Downloading the latest from FortiClient tends to be the spot where most people run into issue. Not sure what it is about the older versions that work versus the new one but it is an obvious bug.

If you are sitting around waiting for it to be resolved I wouldn’t get your hopes up. Fortinet tends to be a little slower resolving MAC related issues with the FortiClient software when compared to Windows etc…..guess we can chalk that up to market share.

Anyways, roll back your client to an earlier version and see if that resolves the issue for you. I would give you a specific version to roll to but it seems to vary from environment to environment.

Thing To Remember: Sierra is brand new, so the issues, obviously, may not be on the FortiClient side (at least not completely).

Forticlient For Mac Sierra