We have a client with centrally managed Forti EMS server at their Head Office which is on namespace1.local domain.
They have 5 other branches, each on its own domain.
I have connected all FortiGate firewalls via IPsec tunnels.
If someone could please assist me with these questions - Much appreciated!
1. Since EMS deploys clients by hostname only, would I have to create new zones on the internal DNS, or must there be a trust relationship established between different domain controllers? Is there any other way to do this?
2. Is there anything that needs to be done on the branch firewall with regards to adding the EMS server pointing to the local IP? Can branch firewall communicate to it on a local IP (or must be published on a WAN port)
3. All firewalls are on 6.0.2 (3). I can ping hosts across on IP address.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.