Hello, I'm trying to get ZTNA up and running and have the following:EMS
and FortiClients running 7.2.4FGT600F running 7.0.14, linked to EMS and
'seeing' the configured ZTNA tags I have successfully set up ZTNA tags
and policies on EMS and I can see t...
Hi,Customer has purchased some FortiAPs, to be managed by FortiGate.They
want to authenticate staff onto an SSID if they present a particular
machine certificate (signed by their CA), just like you can do with SSL
VPN.I've tried configuring it but it...
Hi, I'm working with a customer who need to source NAT all traffic
coming in on one interface and going out of another, but they only want
to translate the 2nd Octet. For example:Real Source IPNATed Source
IP172.16.18.23172.20.18.23172.16.63.115172.2...
Hi, I have a project to implement SD-WAN for a client so I'm labbing it
with FMG on 7.2.4 and FTGs on 7.2.6. I can get everything working but
there is an oddity... When configuring the SDWAN overlay template, the
third page of the wizard asks for the...
Hello,I'm working with a client who have recently migrated to Fortigate
firewalls running 7.0.13 and using FSSO (agent based) for rules to be
based on AD group membership.On the whole this is working fine apart
from users who connect via a docking st...
UPDATE: seems some existing VIPs were conflicting with the ZTNA config.
Removed the VIPs and now it work working. However, it only works via TCP
forwarding. It doesn't work with native HTTPS. Any ideas why this might
be?
Hi @dbu and thank you for your quick response,I guess it depends how the
NAT pool operates? Will it do what I illustrated in my original post
(only change the 2nd octet) or will it start at the bottom of the pool
and work up like below? So assuming t...