Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
ddabhade
Staff
Staff

Created on ‎07-27-2022 01:07 AM

Article Id 218574

Technical Tip: NGFW Policy mode with Security-policy match with ZTNA EMS TAG is not supported

Description This article shares the information that NGFW Policy mode with Security-policy match with ZTNA EMS TAG is not supported
Scope FortiGate.
Solution

Version 6.4.X.

 

The option to add the ZTAN TAG in GUI and CLI.

 

By design NGFW Policy mode do not support ZTNA EMS TAG with Security-policy.

 

# config system settings
    set ngfw-mode policy-based
end

 

# config firewall security-policy
    edit <ID>
        set srcaddr "FCTEMSXXXXXXXX_ZTNA_EMS_TAG" <-----
    next
end

 

 

Version 7.0.X.

 

From the GUI of security policy this option is already removed and it will be removed from CLI in future release.
Labels:
642
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.