I am experimenting with ZTNA and FortiClient and having success except for accessing a Windows File Share in a seamless manner. The Fortinet ZTNA documentation provides two great examples for RDP and SMB. RDP works. The SMB example only works on a non-domain-joined client. I can map the drive successfully via ZTNA using FQDN and "connect using different credentials" and providing my same login credentials. But that does not survive a reboot. Nor does mapping by IP instead of FQDN.
I think Kerberos is getting in the way. There is no direct line of sight to a DC. I have gone down the rabbit hole of configuring a Windows KDCProxy and configuring the client to use the proxy. This has not yet corrected the issue though I am reviewing my KDCProxy configuration.
If anyone could share tips to get SMB working via ZTNA in a way that is seamless to the end user, I would appreciate it.
Hello Max,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello Max,
We are still looking for someone to help you.
We will come back to you ASAP.
Regards,
Hi maxheadroom,
The following guide may help in your scenario:
Other:
ZTNA for SMB applications is described in the following guide:
Video:
https://video.fortinet.com/latest/ztna-access-for-ssh-and-smb-applications
Regards
I've been struggling with the Kerberos problem for months.
Fortinet support has not been able to help so far.