Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
scve_vlehemonet
New Contributor

Created on ‎04-29-2025 03:09 PM

Forticlient EMS - ZTNA gateway not showing when I add an application

Hello,

 

I'm running FortiClient EMS 7.4.3 with a FG-120G on version 7.4.7.

 

I've configured some ZTNA access on the FortiGate, and it works like a charm.

 

Now, I'm trying to push the ZTNA connection through EMS. The great thing is, my ZTNA applications are automatically detected since my FortiGate and EMS are connected via a connector.

 

Screenshot 2025-04-29 175438.png

My problem is: when I try to create an application, I can't see those gateways.

 

Screenshot 2025-04-29 175509.png

And of course, if I try to create a new gateway with the same IP, I can't.

 

Screenshot 2025-04-29 175541.png

 

In the ZTNA destination profile, I see both of my auto-detected applications, but they're not being pushed to the EMS client.

 

Screenshot 2025-04-29 180317.png

So, I'm a little lost here — the "Web Proxy Rules" are not being pushed to the client, and I can't create a rule because I can't create an application, since I don't see the gateway.

 

I was able to create an application with a fake gateway, download the XML, modify the gateway, and re-upload it. But I'm pretty sure it shouldn't be that complicated.

 

If anyone can help me with this, it would be appreciated.

 

Thanks,

 

Labels:
925
0 Kudos
1 Solution
scve_vlehemonet
New Contributor
In response to AEK

Created on ‎05-01-2025 12:23 PM

I finally found my mistake, my ZTNA destination in my FG was defined as HTTPS (reverse Proxy) and not as TCP Forwarding so of course it was not available in the ZTNA application. It works perfectly through the EMS now.

View solution in original post

867
2 REPLIES 2
AEK
SuperUser
SuperUser

Created on ‎04-30-2025 01:05 PM

Hello

Didn't test it but I guess auto-detected gateways/applications can't be changed from EMS, but only from FG.

Unstead of adding application from EMS, you should simply add it from your FG and it will be synchronized automatically.

AEK
AEK
885
scve_vlehemonet
New Contributor
In response to AEK

Created on ‎05-01-2025 12:23 PM

I finally found my mistake, my ZTNA destination in my FG was defined as HTTPS (reverse Proxy) and not as TCP Forwarding so of course it was not available in the ZTNA application. It works perfectly through the EMS now.

868
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.