Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
KennethH
New Contributor III

ZTNA Configuration

Hello,

I am tryin to test out ZTNA to replace our SSL-VPN.
But I cant get it to work.

Searched, read and looked at videos - but still nothing.

Can the issue be that i am using Interface zone under the ZTNA-Rule and Direct Interface under ZTNA Server (Because i cant choose Zone)

ZTNA-Server:
ZTNA-Server-Ext-Interface.jpg
ZTNA-Rule:
ZTNA-Rule-Interface.jpg

Fortigate 100F (HA) running version 7.0.9
EMS Version: 7.0.4 build 0276

Learning fortinet....... :)
Learning fortinet....... :-)
5 REPLIES 5
Anthony_E
Community Manager
Community Manager

Hello Kenneth,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello Kenneth,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Anthony-Fortinet Community Team.
KennethH
New Contributor III

Hello @Anthony_E 
I got it working with help from reddit.
So to answer my own question, it works with Interface zones

Learning fortinet....... :)
Learning fortinet....... :-)
Markus_M

Hi Kenneth,

 

it *should* not make a difference, zones or not.

Still ZTNA isn't working I guess. The FortiGate should have the destination object as a VIP and your policy should be hit with traffic.

Do you see in logs that is happening or is it bypassing the traffic?

 

Best regards,

 

Markus

 

Anthony_E
Community Manager
Community Manager

Thank you for sharing your solution :)!

Anthony-Fortinet Community Team.
Top Kudoed Authors