This article describes troubleshooting steps when importing web filter profiles from FortiGate to FortiClient EMS returns the error message ‘Failed to connect to server. Please check server IP and host connection’.
Scope
FortiClient EMS.
Solution
When attempting to configure and import a web filter profile from FortiGate to FortiClient EMS by accessing to EMS console -> Endpoint Profiles -> Web Filter -> Import -> Import from FortiGate/FortiManager, error message ‘Failed to connect to server. Please check server IP and host connection’ may appear.
Step 1: Check if the FortiGate port number is correctly entered. To check the management port that is currently configured in FortiGate, access the FortiGate and execute the commands below in CLI:
config system global
get | grep -f sport
In the screenshot shown above, FortiGate’s management port is set to 9443, therefore, the port number ‘443’ configured is incorrect and should be replaced with FortiGate_IP:9443.
Step 2: Verify if there are any trusted hosts configured in the FortiGate admin account that might prevent EMS from reaching FortiGate. This can be done by executing the command ‘show system admin’ in FortiGate
The above configuration shows that trusted hosts were configured in the admin account that is used to import web filter profiles. Check that the EMS IP is part of the trusted host subnet for EMS to connect to FortiGate.