Fortinet Community

aguerriero · 09-12-2023

I added a wildcard ztna destination. *.domain.com:3389When I do nslookups I get the VIP address for every host I try to connect to in that domain. When trying to connect via RDP nothing happens with the fortclient. The fortitcs log doesn't show anyth...

aguerriero · 09-07-2023

Forticlient 7.2.1Windows 10JetBrains/DataGrip SSH clientPutty 0.76When setting up a ZTNA destination I can connect to devices using putty/ssh and everything works. When using JetBrains/DataGrip database IDE that uses the openSSH library, the applicat...

aguerriero · 08-08-2023

I am trying to implement the shadow-ztna feature so I do not have to host dns entries for internal resources on the public internet. I am using the below 7.2.5 administration guide. It states that the command is hidden but on the 200F running 7.2.5 t...

aguerriero · 08-04-2023

I am following the below document. The machine account that I specify does not connect to the VPN automatically. If I manually enter the machine username and password during vpn pre login, the VPN will connect.https://docs.fortinet.com/document/forti...

aguerriero · 08-03-2023

I have been testing out a client doing various things on it and now I get a ZTNA client certificate not provided error. Sometimes I can connect to gateways and sometimes not. Another test forticlient is using the exact same policy and profiles and is...

aguerriero · 09-12-2023

diagnose wad debug enable category alldiagnose wad debug enable level verbosediagnose debug enableNothing from that client is shown on the fortigate. If I create a personal destination in the forticlient using the fqdn (hostname.domain.com:3389) that...

aguerriero · 09-11-2023

Looks like it is the UI timing out before the forticlient can intercept the traffic. I'll take this to the jet brains forum to see if there is something that can be changed there.

aguerriero · 09-07-2023

From the attached screenshots I can use the jetbrain ssh client to ssh to any destination that is not ztna (100.99.32.148).I can use the windows openssh client from cli and get the fortigate/FAC MFA prompt for ztna destination 10.235.0.1. The jetbrai...

aguerriero · 08-08-2023

Yes, entries cannot be edited. But this line in the 7.2.5 administration guide says I can view shadow ztna entries.

aguerriero · 08-08-2023

I am hoping the fix will be that all ZTNA tags are shared across all firewalls and vdoms that have fabric connections to the same EMS server. Also the workaround for only connecting to one access proxy requires backside routing. Each of the firewalls...

Fortinet Community

User Statistics

User Activity

ZTNA wildcard fqdn destination not working

ZTNA ssh proxy not working with some SSH clients.

FortiOS shadow-ztna dns option missing from 7.2.5

Per-machine prelogon VPN connection without user interaction, not working

ZTNA Access Denied - No ZTNA client certificate was provided

Re: ZTNA wildcard fqdn destination not working

Re: ZTNA ssh proxy not working with some SSH clients.

Re: ZTNA ssh proxy not working with some SSH clients.

Re: FortiOS shadow-ztna dns option missing from 7.2.5

Re: ZTNA Multple Access Proxies and VDOM mode

Re: RX & TX power value different.

Per-machine prelogon VPN connection without user i...

Re: EMAC Duplicate mac address on different firewa...

Re: syslogd override source-ip missing from 7.2

Re: Fortinet Failover

Re: ZTNA ssh proxy not working with some SSH clien...

Re: EMAC Duplicate mac address on different firewa...

Re: OSPF with vxlan over IPSec

Re: fortios API for vip/load balancer not saving l...