I had been struggling for a while with ZTNA. At this moment we only want to use it to control access by IP. Users will be tagged according to AD groups, and then tags will be allowed or denied on the FortiGate. I have three FortiGates (on-premises, Azure and OCI).
I finally managed to get that working on-premises, but then even when I'm receiving the tags on my OCI FortiGate, traffic doesn't match the policy.
I asked Fortinet (through the chat option) whether having the Security Fabric configured on every FortiGate was a requirement, and they said that I don't need it for my simple setup. As long as I have the connector working, it should work.
Does anyone have a setup like this? Has anyone connected one EMS to several FortiGates?
It could also be a version problem, because FortiEMS is at version 7.0.7, the on-prem FGT is at 7.0.11, but the other 2 FortiGates are at 7.0.5.
I'm planning on upgrading them, but I'm not sure if that will solve my problem.
Thanks for taking the time to search for a solution for me. Yes, I followed that configuration and it worked on my 1500D (on-prem) on 7.0.12, but it doesn't work with those on version 7.0.5. I think it is a version problem, even though they said the versions are compatible.