- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
ZTNA
does anyone here tried to configured their existing FG and FortiEMS for ZTNA setup?
Fortigate Newbie
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
I did, tags worked awesome before, ZTNA added complexity, and you cant activate it via GUI (bug)
You must enable it via CLI
config firewall policy edit <ID> set ztna-status enable set ztna-ems-tag <ZTNA_TAG_NAME? next end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
skyegool wrote:Hi,
I did, tags worked awesome before, ZTNA added complexity, and you cant activate it via GUI (bug)
You must enable it via CLI
config firewall policy edit <ID> set ztna-status enable set ztna-ems-tag <ZTNA_TAG_NAME? next end
thanks for the response mate. So having FG and EMS/FortiClient are good enough for ZTNA setup?
Fortigate Newbie
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
It does not work for me, traffic not matching the policy.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi @Fullmoon
Sorry for late response. Do you still need help with ZTNA ?
Pavol
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
We are deploying ztna for the first time with fortisase and have had nothing but problems so far.Only RDP works and that takes for ever to load up.ssh does not work.Also using any ztna tags in policy breaks everything.Version is 7.0.9.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Can you please log a TAC ticket so we can assist you with your issue ?
Thanks
Pavol
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Shaibal,
for reference you can use following deployment types:
1.ZTNA HTTP Access proxy
2. ZTNA TCP forwarding:
Please refer to this link for concepts and guides:
https://docs.fortinet.com/ztna
Regards
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello
Can you please log a TAC ticket so we can help you further ?
thanks
Pavol