Skip to main content
alaaelrayes
alaaelrayes
New Member
September 5, 2023
Solved

ZTNA policy issue on Mac's devices

  • September 5, 2023
  • 3 replies
  • 4034 views

Hello,

 

I encountering an issue while applying policy on Mac devices.

The policy is to block devices that don't have FileVault enabled when connecting whether from VPN or internal network.

My issue is that I can connect to the VPN and internal network while the device tag is non compliant.

Note that I can apply policies on Windows devices.

Please I appreciate your help.

Thanks.

FortiClient 

 

Mac issue 3.JPG

Best answer by alaaelrayes

Hi all,  After contact Fortinet support, they confirmed that  Mac and Linux don't support this feature according to the below documentation under Tag:

 

https://docs.fortinet.com/document/forticlient/7.2.1/ems-administration-guide/29925/ssl-vpn

3 replies

alaaelrayes
alaaelrayesAuthor
New Member
September 6, 2023

Any suggestion ?

A
Anonymous_User
New Contributor III
September 6, 2023

Hello @alaaelrayes,

Can you share the endpoint tag snapshot from the client and the ZTNA policy that you've configured on the FortiGate?

 

A
Anonymous_User
New Contributor III
September 6, 2023

There's a known issue with 7.0.7 macOS forticlient 805201, it is fixed in 7.2.0 and later
https://docs.fortinet.com/document/forticlient/7.0.7/macos-release-notes/124818/known-issues

Let me know which forticlient version you're using.

alaaelrayes
alaaelrayesAuthor
New Member
September 6, 2023

I'm using 7.2.1 forticlient ZTNA and EMS also

alaaelrayes
alaaelrayesAuthorAnswer
New Member
September 7, 2023

Hi all,  After contact Fortinet support, they confirmed that  Mac and Linux don't support this feature according to the below documentation under Tag:

 

https://docs.fortinet.com/document/forticlient/7.2.1/ems-administration-guide/29925/ssl-vpn

Terms & ConditionsAccessibility statement