Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aguerriero
Contributor II

Created on ‎09-12-2023 12:39 PM

ZTNA wildcard fqdn destination not working

I added a wildcard ztna destination.

 

*.domain.com:3389

When I do nslookups I get the VIP address for every host I try to connect to in that domain. When trying to connect via RDP nothing happens with the fortclient. The fortitcs log doesn't show anything happening.

I am using this link to set it up following the method 1 instructions. Step 2 is a little confusing as this looks like it was just copy and paste instructions from a previous version of EMS since adding ZTNA destinations is a little more involved than that.
https://docs.fortinet.com/document/forticlient/7.2.0/new-features/397618/wildcard-support-for-ztna-f... 

Labels:
1022
0 Kudos
2 REPLIES 2
pmeet
Staff
Staff

Created on ‎09-12-2023 12:55 PM

I would recommend checking the logs and configuration on the FortiGate as well if the request is even getting sent to the FortiGate or not 

PATELMM
1015
0 Kudos
aguerriero
Contributor II
In response to pmeet

Created on ‎09-12-2023 01:14 PM

diagnose wad debug enable category all

diagnose wad debug enable level verbose

diagnose debug enable

Nothing from that client is shown on the fortigate. If I create a personal destination in the forticlient using the fqdn (hostname.domain.com:3389) that works just fine and I can connect to the specified servers. 

1007
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.