zoriax
Contributor

ZTNA Tags IP/MAC are empty

Hello everyone,

I'm really struggling with ZTNA :( :)

I tried to get IP/MAC information inside my ZTNA tags on FortiGate. I configured EMS / FortiClient and FortiGate correctly. My tags sync successfully, but they are empty.

On my FortiGate, my device is correctly registered:

[screenshot: registered device]

My tag is correctly added:

[screenshot: ZTNA tag]

But when I look inside it on my FortiGate, the tag is definitely empty:

[screenshot: empty ZTNA tag]

I don't know what I can do to correctly sync device information with my FortiGate. I'm sure it's simple, but I can't find how.

I really need your help!

Thanks

zoriax
Contributor

I tried with an IPSec VPN tunnel in my case. Effectively, it seems to work with SSL, but why not with IPSec?

Thanks

amouawad
Staff

For the sake of complete testing, the above test was done on a FCT that was On-Net/On-Fabric. I've tested with the device Off-Net/Off-Fabric and can confirm that the IP addresses still get updated correctly.

 

[screenshot: FCT Off-Net, connecting via SSLVPN]
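The check the thread keeps circling back to is whether the addresses EMS reports for an endpoint actually show up in the dynamic address the FortiGate builds for each ZTNA tag. The script below is an added example (not from the thread or from Fortinet) that cross-checks the two views offline. It assumes the FortiGate names the dynamic addresses `<EMS name>_ZTNA_<tag>` (the `EMS1_ZTNA_` prefix is an assumption you can change), and the two sample dumps are constructed approximations of what `diagnose firewall dynamic list` and `diagnose endpoint record list` print; real output differs between firmware versions, so adjust the regexes to what your FortiGate shows.

```python
"""Cross-check ZTNA tag resolution against EMS endpoint records.

Added example, not code from the thread or from Fortinet. The sample
inputs are constructed: they imitate, in simplified form, the output of
'diagnose firewall dynamic list' and 'diagnose endpoint record list'.
Real FortiOS output is formatted differently, so adapt the regexes.
"""
import re
from typing import Dict, List, Set, Tuple

# Constructed sample: one tag resolved, one tag (the IPsec users) empty.
DYNAMIC_LIST = """\
List all dynamic addresses:

EMS1_ZTNA_Windows-Domain: ID(7)
        ADDR(10.10.20.15) MAC(00:0c:29:aa:bb:cc)
        ADDR(10.10.20.16) MAC(00:0c:29:aa:bb:cd)

EMS1_ZTNA_IPsec-Users: ID(8)

EMS1_ZTNA_all_registered_clients: ID(9)
        ADDR(10.10.20.15) MAC(00:0c:29:aa:bb:cc)
"""

# Constructed sample: endpoint records as synced from EMS. LT02 is the
# VPN client whose tag never received an address.
ENDPOINT_RECORDS = """\
Record #1:
        IP_Address = 10.10.20.15
        MAC_Address = 00:0c:29:aa:bb:cc
        Hostname = WS01
        ZTNA_Tags = Windows-Domain,all_registered_clients
Record #2:
        IP_Address = 10.255.1.7
        MAC_Address = 00:0c:29:aa:bb:ce
        Hostname = LT02
        ZTNA_Tags = IPsec-Users
"""

TAG_RE = re.compile(r"^(\S+): ID\(\d+\)\s*$")       # tag header line
ADDR_RE = re.compile(r"^\s+ADDR\(([^)]+)\)")         # resolved address line
FIELD_RE = re.compile(r"^\s+(\w+) = (.*)$")          # 'key = value' line


def parse_dynamic_list(text: str) -> Dict[str, Set[str]]:
    """Map each dynamic address (ZTNA tag) to the IPs it resolved to."""
    tags: Dict[str, Set[str]] = {}
    current = None
    for line in text.splitlines():
        m = TAG_RE.match(line)
        if m:
            current = m.group(1)
            tags[current] = set()
            continue
        m = ADDR_RE.match(line)
        if m and current is not None:
            tags[current].add(m.group(1))
    return tags


def parse_endpoint_records(text: str) -> List[Dict[str, str]]:
    """Turn the record dump into a list of {field: value} dicts."""
    records: List[Dict[str, str]] = []
    for line in text.splitlines():
        if line.startswith("Record #"):
            records.append({})
            continue
        m = FIELD_RE.match(line)
        if m and records:
            records[-1][m.group(1)] = m.group(2).strip()
    return records


def empty_tags(tags: Dict[str, Set[str]]) -> List[str]:
    """Tags that exist on the FortiGate but resolved to no address at all."""
    return sorted(name for name, ips in tags.items() if not ips)


def find_gaps(tags: Dict[str, Set[str]], records: List[Dict[str, str]],
              prefix: str = "EMS1_ZTNA_") -> List[Tuple[str, str, str]]:
    """(hostname, ip, tag) for every endpoint whose IP is missing from a
    tag EMS says it carries. 'prefix' is the assumed '<EMS>_ZTNA_' naming."""
    gaps = []
    for rec in records:
        ip = rec.get("IP_Address", "")
        for tag in filter(None, rec.get("ZTNA_Tags", "").split(",")):
            name = prefix + tag.strip()
            if ip not in tags.get(name, set()):
                gaps.append((rec.get("Hostname", "?"), ip, name))
    return gaps


if __name__ == "__main__":
    tags = parse_dynamic_list(DYNAMIC_LIST)
    records = parse_endpoint_records(ENDPOINT_RECORDS)
    print("Empty tags:", empty_tags(tags))
    for host, ip, tag in find_gaps(tags, records):
        print(f"{host} ({ip}) is tagged but not resolved in {tag}")
```

On the constructed input the report names `EMS1_ZTNA_IPsec-Users` as empty and LT02's tunnel address as the one that never made it into the tag, which is the symptom the thread describes for IPsec clients; on a real box, paste the two command outputs into the two strings and compare.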

zoriax
Contributor

Does anyone have a solution to sync IP/MAC with an IPSec VPN?

Ronny
New Contributor

We also have an issue with tags in SSL VPN or IPSec VPN. Is there a solution?

zoriax

Hi @Ronny

It's a bit better with the latest version of EMS (7.0.4).

IvanCRO
New Contributor

Hi, I have the same issue. We have a multi-VDOM FortiGate. In the DMZ VDOM I put my EMS and integrated it with AD and the FortiGate. Everything seems fine. ZTNA tags are replicated to the FortiGate. In the Business VDOM, when I look in ZTNA tags and hover over ZTNA tag "X", I can see that it matches endpoints. But in resolved addresses I can't see anything.

Also, when I go into the firewall policy rule, in IP/MAC based I can see those addresses as resolved, very strange.

Same setup in the DMZ VDOM: I can see matched endpoints, can't see resolved addresses, but in the firewall policy IP/MAC based I don't see any of those matched endpoints.

In the DMZ we have configured SSL VPN, same problem as the ones above.

All firewall policies from the DMZ VDOM to the Business VDOM, in which the ADs are, allow all traffic from EMS to the ADs.

I don't know what to do next; I tried everything that I found on the Internet.

Also, I found a few more things that don't make sense in EMS, but step by step.

[screenshots: Business policy, Business ZTNA1, Business ZTNA2, DMZ firewall policy, DMZ ZTNA1, DMZ ZTNA2]
