tschacherl
Explorer
February 12, 2025
Question

Prevent Connection to WiFi if FortiClient is not installed on endpoint

I have a FortiGate 60E with FortiOS 7.4.7. I have FortiClient EMS 7.2.8. What I'm trying to find out is if I can block endpoints that don't have FortiClient installed from connecting via the WiFi. Are there any cookbook recommendations for this?

2 replies

AEK
SuperUser
February 12, 2025

If you mean your company's WiFi, then you can use ZTNA tags in the firewall rules that are allowing traffic from the SSID(s) to the other networks.

Once you do that, only clients that have the tags can communicate through the desired SSID(s).

AEK
tschacherl
Explorer
February 12, 2025

Are you able to point me to any docs that might provide a step-by-step on how to implement this? 

AEK
SuperUser
February 13, 2025

Here is a tutorial.

https://docs.fortinet.com/document/fortigate/7.2.11/administration-guide/477578

Also, here is the full ZTNA documentation, in case you want to read more about ZTNA, to understand it better and to be better able to configure it.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-ZTNA-Zero-Trust-Network-Access-Resource-List/ta-p/286196

Hope it helps.

AEK