Dear Support Team,
I hope this message finds you well.
I am a Java developer working remotely and have recently encountered connectivity issues with our internal servers following the implementation of the Zero Trust Network Access (ZTNA) policy. Previously, I was able to connect to our servers using a VPN without any problems. However, since the transition to ZTNA, I am consistently facing connection timeout errors.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello MayurAtTTI,
is the ZTNA configuration a HTTP access proxy or TCP forwarding proxy?
To investigate the issue you can enable following debugs in FGT CLI:
dia de reset
diagnose wad debug enable category all
diagnose wad debug enable level verbose
diagnose debug enable
Recreate the issue and after finishing enter the following to display ZTNA logs:
execute log filter category 0
execute log filter field subtype ztna
execute log display
This will give you an idea if there are device posture changes that would results in Policy violations.
Log&Report>ZTNA traffic should also provide you information about this.
Alternatively you can try to customize session ttl.
This can be used if stale TCP sessions need to be timed out faster, or should stay alive longer as certain software might need a longer session-ttl to keep functioning.
Regards
Created on 06-26-2024 09:59 PM Edited on 06-26-2024 10:05 PM
We are using TCP forwarding proxy
I am using below method to send request to internal server from local system connected with ZTNA
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.