nopethanks
Visitor III
November 5, 2024
Question

Where to start with ZTNA?


Hi there,

I've got a FortiGate running 7.2.9 and FortiClient EMS server running on 7.4.1, but I'm not quite sure where to start getting ZTNA up and running. We use Okta for our IdP and I'm presuming that'll be what manages the role-based access control, but I was hoping there was some guide available to walk you through getting everything working together.

Everything I've found so far has been for previous versions of FortiClient EMS, which require Active Directory (which we don't have). If anyone can point me in the right direction, I would REALLY appreciate it!

Thanks!

3 replies

rahul_p1
Staff
November 6, 2024

Hi, please refer to the article for understanding and configuration of ZTNA: https://docs.fortinet.com/document/fortigate/7.0.0/new-features/194961/basic-ztna-configuration

Hemin88
Explorer III
November 7, 2024

Hi @nopethanks
The best way to start is from this video:
https://video.fortinet.com/latest/getting-started-with-ztna

then:

Fortinet Document Library | Home

and KBs

Hatibi
Staff & Editor
November 29, 2024

Since you intend to use ZTNA with SAML (Okta as IDP), you can refer to these links for this type of scenario:

The examples use FortiAuthenticator as IDP. That configuration you will need to adapt to Okta.

This other doc might give an idea for Okta configuration as IDP in FortiGate: https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/499536/ssl-vpn-with-okta-as-saml-idp