Fortigate ZTNA Tag added in policy, SSLVPN cannot access local LAN
I just purchased EMS last week and setup finished, everything seems fine at EMS server. I want to use EMS ZTNA to control SSLVPN user who only match zero trust tag can access lan server. When I added the tag make my SSLVPN cannot access my Local LAN, removed it everything is fine. Any step I am missing or incorrect setup ?
Resolved Address can see my vpn ip
View matched endpoint can see my laptop, but it still show 0 when I move the mouse on it.
Firewall policy added tag - cannot access lan server
Removed tag everything fine
Connection is ok
I can view all zero trust tag at EMS portal
Creat new tag "Test" and fortigate also can show up
To see the tags on the client itself, you have to enable this in the EMS profile for the endpoint under Advanced > System Settings:
But that only makes the tags visible on the endpoint, so you can verify there that it has the tags.
The policy being applied or not is still up to the FortiGate. If you have all that configuration in place but the issue persists, I would suggest opening a ticket with Technical Support to get some more in-depth assistance, beyond what I can offer in the Forums here.
+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++