Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
tschacherl
New Contributor II

Prevent Connection to WiFi if Forticlient is not installed on endpoint

I have a fortigate 60E with Fortios 7.4.7. I have FortiClientEMS 7.2.8. What I'm trying to find out is if I can block endpoints that don't have FortiClient installed from connecting via the WiFi. Are there any cookbook recommendations for this? 

3 REPLIES 3
AEK
SuperUser
SuperUser

If you mean your company's WiFi, then you can use ZTNA tags in the firewall rules that are allowing traffic from the SSID(s) to the other networks.

Once you do that, only clients that have the tags can communicate through the desired SSID(s).

AEK
AEK
tschacherl
New Contributor II

Are you able to point me to any docs that might provide a step-by-step on how to implement this? 

AEK
SuperUser
SuperUser

Here is a tutorial.

https://docs.fortinet.com/document/fortigate/7.2.11/administration-guide/477578

 

Also here is a full ZTNA documentation, in case you want to read more about ZTNA, to understand it more and to be more able to configure it.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-ZTNA-Zero-Trust-Network-Access-Resource-Li...

Hope it helps.

AEK
AEK
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors