Hi,
have an issue with a newly configured EMS and Forticlient solution. On the Forticlient we are missing the "ZTNA Connection Rules" tab and when we configure a ZTNA Destination in EMS it doesn´t work or shows up in the hosts file. The ZTNA Destination profile also includes to allow personal
We have also configured the ZTNA Server in the Fortigate, connected it to the fabric and verified licensing ("Zero Trust Access: Included").
The endpoint have a ZTNA Serial Number, endpoint and the ZTNA features is installed.
Have anyone experienced this issue before?
Image of the Forticlient
Thanks!
Just for your reference, same issue here with version 7.0.9.
I can at least confirm the above mentioned behavior-change starting with version 7.0.6, because with down-grading to version 7.0.5 the ZTNA Connections Rules will be displayed in FortiClient correctly. But it's still not working here as well.
But I can see now traffic hitting the FortiADC (yes we are not working with a FortiGate in our PoC). WIth version 7.0.9 nothing was hitting the FortiADC, so it's really not only not visible in FortiClient, but definitely not working.
In Wireshark this looks like this:
UPDATE:
Traffic is also visible on the serverside of the ADC, but here RDP-server is resetting the connection:
Any further ideas?
Thank you!
Regards Stefan :)
If the ZTNA Destinations Profile enabled but the Eye icon is blur, try to disable the Profile and enable again to see clear Eye icon, it should work as long as ZTNA License is valid.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.