I am trying to figure out the best way to setup ZTNA for our environment. We create a lot of server that server up our SaaS application via https. Each server has its own unique URL. If I had to create a ZTNA server for each one I would have a new full time job. Even setting up a single ZTNA Server and then managing webservers as they are added/removed from our environment would be a full time job. All of our webservers do live on a handful of subnets that never change.
What would be the best way to setup ZTNA for this?
Solved! Go to Solution.
You may start from here:
Reading what you sent me I found that I can move my current users over to Forticlient ssl vpn first. Then in a second phase apply ztna to these users. But I am not seeing a lot of documentation on how to do the first part. Or I am not googling correctly.
My end goal is to have users use my ADFS SAML server for authentication and Duo.com for 2FA. This should apply to all users regardless if they are doing ZTNA or SSL VPN. So any simple documentation or tips would be great.
Hi systemgeek,
I believe what you are looking for should be similar to the example on the following article link:
Check the related document section on at the bottom of this article webpage please as there is a liberary video for similar illustration that might offer more information to assist you with this task.
Thank you,
saleha
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2677 | |
| 1412 | |
| 810 | |
| 703 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.