Dear Colleagues,

we are facing issues with tcp forwarding on some MacOS mashines. On some Macs its working quite fine but some are not able to connect to ZTNA Destinations, while the normal ZTNA Web-Proxie stuff is working.

The FortiClient logs are showing the following on these devices:

2024-02-26T15:08:55.162 TZ=+0100 info ztna mergeCfg:{"enabled":0,"rules":[{"name":"replaced","mode":"transparent","enabled":0,"destination":"replaced","gateway":"replaced","encryption":0,"local_port":"7788","type":"private"}],"portals":null,"gateways":[{"redirect":"0","addr":"replaced","alias":"replaced","rules":[{"name":"replaced","mode":"transparent","enabled":1,"destination":"replaced","gateway":"","encryption":0,"local_port":"7788","type":"private"}]}],"notify_on_error":1,"portals_enabled":1,"gateways_enabled":1}
2024-02-26T15:08:55.162 TZ=+0100 info ztna ztna disable

I replaced the private data with "replaced".

Every time you try to access a host, specified in the ZTNA Destinations, you will get this two lines in the ztna.log and ztnafw.log and it will not be able to connect.
Is this known to anybody and is there a solution around?

kind regards
stephan

PS: We are using FortiOS 7.2.7, EMS Cloud v7.2.2 build 0879 and FortiClient 7.2.3.0822 (we tried older Versions as well)