Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AEK
SuperUser
SuperUser

Access to EMS WebUI from ZTNA gateway

Hello EMS admins

FCT EMS 7.4.0 and FCT agent 7.4.0 on Windows 10 client.

For off-fabric clients we configured multiple ZTNA destinations, including one destination to access EMS WebUI.

All destinations are accessible and working fine except the one for EMS WebUI (browser just shows connection closed).

When inspecting ZTNA traffic on FG we see all ZTNA traffic except the traffic for EMS WebUI (there is no related log).

Any idea on what's going on?

AEK
AEK
2 REPLIES 2
Sx11
Staff
Staff

Hello AEK,

 

in this case you are attempting to access a web app. Having ZTNA destinations in FCT means your are using a TCP forwarding proxy configuration. This is normally used for access to RDP, SSH or other non-web apps. For Web based apps you would use a HTTPS access proxy.

 

Do you currently have other web based apps added as ZTNA destinations and reachable?

Have you tried using a HTTPS access proxy configuration to access the EMS webUI? 

https://docs.fortinet.com/document/fortigate/7.0.5/administration-guide/325639/ztna-https-access-pro....

 

Regards

sx11
AEK

Hello Sx11

Actually my configuration was HTTPS, not TCP Forwarding. But following your recommendation I tried TCP Forwarding and strangely it worked fine :)

AEK
AEK
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors