CMD command to remove from memory  FortiClient VPN

jana
jana used Ask the Experts™
on
I need to include in a batch script file command to unload from memory FortiClientVPN.  I don't want  to uninstall it, I want that when the computer start, it unload from memory.  I have found to use TaskKill:

taskkill /im FortiTray.exe /t /f
taskkill /im FortiSSLVPNdaemon.exe /t /f
taskkill /im FortiSettings.exe /t /f
taskkill /im scheduler.exe /t /f
taskkill /im FCDBLog.exe /t /f 

Open in new window


But when I look at the task manager, it still in memory.

I do get to unload it from memory by using "Shutdown FortiClient" from taskbar, but since I need to unload it from memory every time the computer start, I am looking for a command that does  similar as the "shutdown FortiClient" does.
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
AlexA lack of information provides a lack of a decent solution.

Commented:
Hey Jana,

I don't quite understand what you want to do here, if I remember rightly the fortinet client uses a service as well right?

Also, use procmon to check what the application is actually doing as well.

Why do you need to do this as well? Are you trying to work around an issue or something?

Thanks
Alex

Author

Commented:
I want to remove temporary the apps from memory every time the computer start.  I am running a series of tests in the computer and I have successfully with "TaskKill" been able to unload from memory a series of apps necessary for the tests.  Unfortunately, no luck with FortiClient VPN.

So is there a way to remove it from memory?
AlexA lack of information provides a lack of a decent solution.

Commented:
Yeah I get that, but I want to know why you want to do this. I'm curious ;-)



Stop-Process -Name "ProcessName" -Force.

Open in new window


Try it in powershell too.
Success in ‘20 With a Profitable Pricing Strategy

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden using our free interactive tool and use it to determine the right price for your IT services. Start calculating Now!

Author

Commented:
will do
David FavorFractional CTO
Distinguished Expert 2018

Commented:
Several considerations.

1) Correctly coded VPNs work by setting up a new route (and many times removing all old routes), so all packets flow through your VPN.

2) When a VPN dies all Internet connectivity is gone.

3) This means most VPNs load code at boot/login to restart themselves automatically, to maintain connectivity.

If you're trying to kill off FortiClient, likely you'll have to disable the #3 mechanism.

Best to contact the FortiClient developer for the correct way to accomplish this.

Author

Commented:
Alex,

i used your recommendation with no success (what am i missing something?):

Stop-Process -Name FortiTray.exe -Force
Stop-Process -Name FortiSSLVPNdaemon.exe -Force
Stop-Process -Name FortiSettings.exe -Force
Stop-Process -Name scheduler.exe -Force
Stop-Process -Name FCDBLog.exe -Force

Open in new window


-----

David, I just want to remove from memory - i want the same result as the "Shutdown FortiClient"
AlexA lack of information provides a lack of a decent solution.

Commented:
Try

net stop fortishield

Use an elevated command prompt as well.

Regards
Alex

Author

Commented:
error:

Microsoft Windows [Version 10.0.18362.295]
(c) 2019 Microsoft Corporation. All rights reserved.

C:\WINDOWS\system32>net stop fortishield
The service name is invalid.

More help is available by typing NET HELPMSG 2185.


C:\WINDOWS\system32>

Open in new window

AlexA lack of information provides a lack of a decent solution.

Commented:
OK

run SC query

Find your fortigate or fortishield service

Then use Net stop "Servicename"

Author

Commented:
error:

C:\WINDOWS\system32>Net stop FA_Scheduler
The requested pause, continue, or stop is not valid for this service.

More help is available by typing NET HELPMSG 2191.

C:\WINDOWS\system32>

Open in new window


the service in SC query:
SERVICE_NAME: FA_Scheduler
DISPLAY_NAME: FortiClient VPN Service Scheduler
        TYPE               : 10  WIN32_OWN_PROCESS  
        STATE              : 4  RUNNING 
                                (NOT_STOPPABLE, NOT_PAUSABLE, ACCEPTS_SHUTDOWN)
        WIN32_EXIT_CODE    : 0  (0x0)
        SERVICE_EXIT_CODE  : 0  (0x0)
        CHECKPOINT         : 0x0
        WAIT_HINT          : 0x0

Open in new window


Please note, the files in memory is more than one:
  • FortiTray.exe
  • FortiSSLVPNdaemon.exe
  • FortiSettings.exe
  • scheduler.exe
  • FCDBLog.exe
The service FA_Scheduler is "protected". You cannot stop it that way.

As you said, you want to shutdown as done manually with the trayicon:

C:\Program Files\Fortinet\FortiClient>FortiTray.exe --shutdown

Open in new window


Execute this and fortiVPN is turned off.

regards
Thomas

Author

Commented:
Hi, thank u for the info!  But that is what I said I do, i "Shutdown FortiClient" - by shutting the client, all files (FortiTray.exe,  FortiSSLVPNdaemon.exe,  FortiSettings.exe,  scheduler.exe,  FCDBLog.exe) are removed from memory.

What I am looking for is NO to do shutdown everything the computer is turned on or rebooted,

You think this cannot be done?
Hi Jana

I dont think I really understand what you want to do.
Do you want the forticlient to be turned off after boot or not?

To unload Forticlient (not uninstall):
Make a batchfile with
C:\Program Files\Fortinet\FortiClient\FortiTray.exe --shutdown

Open in new window

Then copy that to autostart folder in Windows or use taskscheduler to do so.

That command is EXACTLY the same as when you manually shutdown the client in the tray, just as commandline batch. Its what you want to do, described in the initial Post.

Author

Commented:
Yes, but as my question states, I want to include the process in a batch file I have that turns-off a whole bunch of other apps after re-boot.

Extract of question:
"... I do get to unload it from memory by using "Shutdown FortiClient" from taskbar, but since I need to unload it from memory every time the computer start, I am looking for a command that does  similar as the "shutdown FortiClient" does."

In other words, how do I turn off FortiClient from command prompt?
Hi Jana

Please read my last given answer again. It is exactly what you want. Turn off forticlient from commandline prompt.
This command does exactly the same in commandline as the "shutdown forticlient" does when you clickt it with your mouse

regards
Thomas

PS: maybe C:\Program Files\Fortinet\FortiClient\FortiTray.exe is in a different folder on your computer but "FortiTray.exe --shutdown" is the commandline argument to turn off forticlient.

Author

Commented:
Oh I see! sorry! will try!

Author

Commented:
didn't work... just goes to the next line.  I had the task manager open to see and the 4 Forti files were still in memory.  

I tried also :

FortiTray.exe -shutdown
FortiTray.exe /shutdown
FortiTray.exe /off
FortiTray.exe /remove

but still in memory.
It works very well here and I have forticlient as too.
You dont see anything after the commando, it does not give anything back into the console

Try Batch
FortiTray.exe --shutdown
taskkill /im FortiTray.exe /f
taskkill /im FortiSSLVPNdaemon.exe /f
taskkill /im FortiSettings.exe /f
taskkill /im scheduler.exe /f
taskkill /im FCDBLog.exe /f 

Open in new window


I don't know why you want to disable and "unload" from everything from fortigate when the computer boots, but you don't want to uninstall it.

BUT

With this little helper tool, you can check what starts on Windows and can just untick it. Just search for all the processes and untick them in the tool: https://docs.microsoft.com/en-us/sysinternals/downloads/autoruns

You have to start it as administrator

Author

Commented:
ok will try

Author

Commented:
Thank u very much!  I misread and also was doing it without elevating the CMD.

Thanx!

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial