Dear Colleagues,
we are facing issues with tcp forwarding on some MacOS mashines. On some Macs its working quite fine but some are not able to connect to ZTNA Destinations, while the normal ZTNA Web-Proxie stuff is working.
The FortiClient logs are showing the following on these devices:
2024-02-26T15:08:55.162 TZ=+0100 info ztna mergeCfg:{"enabled":0,"rules":[{"name":"replaced","mode":"transparent","enabled":0,"destination":"replaced","gateway":"replaced","encryption":0,"local_port":"7788","type":"private"}],"portals":null,"gateways":[{"redirect":"0","addr":"replaced","alias":"replaced","rules":[{"name":"replaced","mode":"transparent","enabled":1,"destination":"replaced","gateway":"","encryption":0,"local_port":"7788","type":"private"}]}],"notify_on_error":1,"portals_enabled":1,"gateways_enabled":1}
2024-02-26T15:08:55.162 TZ=+0100 info ztna ztna disable
I replaced the private data with "replaced".
Every time you try to access a host, specified in the ZTNA Destinations, you will get this two lines in the ztna.log and ztnafw.log and it will not be able to connect.
Is this known to anybody and is there a solution around?
kind regards
stephan
PS: We are using FortiOS 7.2.7, EMS Cloud v7.2.2 build 0879 and FortiClient 7.2.3.0822 (we tried older Versions as well)
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
We found out how to fix this. I configured ZTNA destinations in EMS to be not visible to the Clients. Not sure if this is related to the Problem or the fix. But I made it visible again and the Clients could fix the problem by just disable ZTNA and activate it again on the tab "ZTNA Destination".
Hello Stephan,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
We found out how to fix this. I configured ZTNA destinations in EMS to be not visible to the Clients. Not sure if this is related to the Problem or the fix. But I made it visible again and the Clients could fix the problem by just disable ZTNA and activate it again on the tab "ZTNA Destination".
Thanks a lot for sharing the solution Stephan!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1631 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.