We are using the free FortiClient. The config is stored in the registry. Here is the detection script. Out of 80 machines so far, I have 26 failures, which say the app installed correctly but was not detected.
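# Detection script for a FortiClient SSL-VPN tunnel definition.
# Exits 0 only when the tunnel key exists AND its 'Server' value equals the
# expected address; every other outcome exits 1, so the check fails closed.
#
# NOTE(review): the key is read from HKLM:\SOFTWARE. If the deployment tool runs
# this script in a 32-bit PowerShell host on 64-bit Windows, that path is
# redirected to WOW6432Node and the tunnel key will appear to be missing.
# Confirm which host runs the script; this is one possible cause of
# "installed correctly but not detected".
#
# Plain ASCII quotes are used throughout. Typographic quotes pasted from a web
# page only parse when the file's encoding is read correctly.

# Define FortiClient tunnel settings
$regpath = 'Custom vpn name'        # Set this as the desired tunnel name
$server  = 'vpn.mydomain.com:443'   # Expected server address with port

# Build the key path once so the existence check and the read cannot drift apart.
$tunnelKey = "HKLM:\SOFTWARE\Fortinet\FortiClient\Sslvpn\Tunnels\$regpath"

# Check if the registry path exists
if (-not (Test-Path -LiteralPath $tunnelKey)) {
    Write-Output "Tunnel '$regpath' does not exist. Exiting with code 1."
    exit 1 # Return 1 if the tunnel does not exist
}

Write-Output "Tunnel '$regpath' exists."

# Retrieve the 'Server' property. -LiteralPath matches the Test-Path call above,
# so wildcard characters in the tunnel name are not interpreted.
$serverValue = (Get-ItemProperty -LiteralPath $tunnelKey -Name 'Server' -ErrorAction SilentlyContinue).Server
Write-Output "Server value from registry: '$serverValue'"

# A key without a usable 'Server' value must count as "not configured".
# Calling .Trim() on $null raises an error, after which no exit statement is
# reached and the result is left to the host's default exit code.
if ([string]::IsNullOrWhiteSpace([string]$serverValue)) {
    Write-Output "Server value is missing or empty. Exiting with code 1."
    exit 1 # Return 1 if the server value is absent
}

# Check if the server value matches the expected server address.
# -eq on strings is case-insensitive; the cast guards against a non-string value.
if (([string]$serverValue).Trim() -eq $server) {
    Write-Output "Server address matches the expected value. Exiting with code 0."
    exit 0 # Return 0 if the tunnel exists and the server matches
}

Write-Output "Server address does not match the expected value. Exiting with code 1."
exit 1 # Return 1 if the server does not match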