does anyone here tried to configured their existing FG and FortiEMS for ZTNA setup?
Fortigate Newbie
Hi,
I did, tags worked awesome before, ZTNA added complexity, and you cant activate it via GUI (bug)
You must enable it via CLI
config firewall policy edit <ID> set ztna-status enable set ztna-ems-tag <ZTNA_TAG_NAME? next end
skyegool wrote:Hi,
I did, tags worked awesome before, ZTNA added complexity, and you cant activate it via GUI (bug)
You must enable it via CLI
config firewall policy edit <ID> set ztna-status enable set ztna-ems-tag <ZTNA_TAG_NAME? next end
thanks for the response mate. So having FG and EMS/FortiClient are good enough for ZTNA setup?
Fortigate Newbie
It does not work for me, traffic not matching the policy.
Hi @Fullmoon 
Sorry for late response. Do you still need help with ZTNA ? 
Pavol
We are deploying ztna for the first time with fortisase and have had nothing but problems so far.Only RDP works and that takes for ever to load up.ssh does not work.Also using any ztna tags in policy breaks everything.Version is 7.0.9.
Hello 
Can you please log a TAC ticket so we can assist you with your issue  ?
Thanks
Pavol
Hi Shaibal,
for reference you can use following deployment types:
1.ZTNA HTTP Access proxy
2. ZTNA TCP forwarding:
Please refer to this link for concepts and guides:
https://docs.fortinet.com/ztna
Regards
Hello
Can you please log a TAC ticket so we can help you further ? 
thanks
Pavol
 
					
				
				
			
		
| User | Count | 
|---|---|
| 2647 | |
| 1405 | |
| 810 | |
| 690 | |
| 455 | 
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.