Help
FortiClient
FortiClient proactively defends against advanced attacks. Its tight integration with the Security Fabric enables policy-based automation to contain threats and control outbreaks. FortiClient is compatible with Fabric-Ready partners to further strengthen enterprises’ security posture.
sjoshi
Staff
Staff

Created on ‎06-09-2025 12:52 AM

Article Id 395517

Troubleshooting Tip: Why ZTNA Destinations May Not Reflect in FortiClient: Causes and Fixes

Description

 

This article describes why ZTNA (Zero Trust Network Access) destinations may not reflect or appear correctly in FortiClient.

 

Scope

 

FortiClient.

 

Solution

 

For TCP forwarding, configuring a ZTNA destination profile in EMS is required to ensure the ZTNA destination appears on FortiClient.

However, even after the ZTNA destination profile is correctly configured and applied to the appropriate endpoint, the ZTNA destination may still not appear on FortiClient.

 

In the FortiClient, the ZTNA destination does not reflect even though it is configured on the EMS

 

2.PNG

 

EMS config:

 

3.PNG

 

Expand the Rules section and see if the gateway is enabled. If it is disabled, enable it and see if the ZTNA destination is visible in the FortiClient:

 

4.PNG

 

Enable it:

 

5.PNG

 

 

The ZTNA destination is now, appearing on the endpoint:

 

1.PNG

333
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.