Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
systemgeek
New Contributor III

Best setup for ztna

I am trying to figure out the best way to setup ZTNA for our environment.  We create a lot of server that server up our SaaS application via https.  Each server has its own unique URL.  If I had to create a ZTNA server for each one I would have a new full time job.  Even setting up a single ZTNA Server and then managing webservers as they are added/removed from our environment would be a full time job.  All of our webservers do live on a handful of subnets that never change.

 

What would be the best way to setup ZTNA for this?

1 Solution
AEK
Honored Contributor II

AEK
3 REPLIES 3
AEK
Honored Contributor II

AEK
systemgeek
New Contributor III

Reading what you sent me I found that I can move my current users over to Forticlient ssl vpn first.  Then in a second phase apply ztna to these users.  But I am not seeing a lot of documentation on how to do the first part.  Or I am not googling correctly.

 

My end goal is to have users use my ADFS SAML server for authentication and Duo.com for 2FA.  This should apply to all users regardless if they are doing ZTNA or SSL VPN.  So any simple documentation or tips would be great.

saleha
Staff
Staff

Hi systemgeek,

 

I believe what you are looking for should be similar to the example on the following article link:

https://community.fortinet.com/t5/ZTNA/Technical-Tip-ZTNA-for-Corporate-hosts-with-SAML-authenticati...

 

Check the related document section on at the bottom of this article webpage please as there is a liberary video for similar illustration that might offer more information to assist you with this task.

 

Thank you,

saleha

Labels
Top Kudoed Authors