Scribd
Upload
23 views3 pages

ZTNA

The document serves as a comprehensive resource center for Zero Trust Network Access (ZTNA), detailing various guides and troubleshooting tips related to ZTNA architecture, deployment, tagging, and diagnostics. It also covers synchronization between FortiClient EMS and FortiGate, access proxy configurations, and secure access protocols. Additionally, it provides insights into ZTNA policies, error resolutions, and integration with SSL VPN and FortiSASE technologies.

Uploaded by

danganhkhoa2008
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
23 views3 pages

ZTNA

The document serves as a comprehensive resource center for Zero Trust Network Access (ZTNA), detailing various guides and troubleshooting tips related to ZTNA architecture, deployment, tagging, and diagnostics. It also covers synchronization between FortiClient EMS and FortiGate, access proxy configurations, and secure access protocols. Additionally, it provides insights into ZTNA policies, error resolutions, and integration with SSL VPN and FortiSASE technologies.

Uploaded by

danganhkhoa2008
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 3

ZTNA Resource Center

Title Description
ZTNA Portal Page for a centralized
ZTNA Portal resource center.
ZTNA Architecture guide with design
ZTNA Architecture Guide concepts and considerations.
ZTNA Deployment guide with design
ZTNA Deployment Overview concepts and considerations.
ZTNA Posture check based on ZTNA
ZTNA Tagging and Posture Check Tagging rule sets.
ZTNA Troubleshooting and Diagnostics ZTNA troubleshooting and debugging
Commands commands.
ZTNA Troubleshooting Scenarios ZTNA troubleshooting scenarios.

EMS and FortiGate Sync


Title Description
Establishing FortiClient EMS Security
Configuring FortiClient EMS
Fabric Connector.
Synchronizing FortiClient ZTNA tags Configuring ZTNA Tags synchronization.
Troubleshooting tips for Security
Troubleshooting FortiGate with EMS
FortiClient EMS Fabric Connector.
Automatic and manual deletion process of
How to delete ZTNA Tags
ZTNA Tags.
ZTNA Tags fail to synchronize between Object Tagging blocking ZTNA Tags
FortiClient EMS and FortiGate synchronization.
How to check if FortiGate is authorized by CLI commands to check whether FortiGate
the EMS server via CLI has been authorized in EMS.
'Endpoint Control' feature not visible Endpoint Control configuration can be
under Feature Visibility after upgrade to controlled by Feature Visibility in FortiOS
FortiOS v7.4.0 7.4.0+.

ZTNA Access Proxy - Full ZTNA


Title Description
How to read FortiGate WAD debugs from
Explanation of how to read WAD debugs
ZTNA TCP-Forwarding connection with
SAML Authentication for ZTNA Access Proxy connections.

Accessing multiple web servers hosted via Leveraging Virtual Host to access multiple
single ZTNA Server - Access Proxy servers via a single ZTNA Access Proxy
(HTTP/HTTPS type) Server.
Behavior of ZTNA Tags shared across
Unable to ZTNA Tags across multiple
multiple vdoms and multiple FortiGate
units VDOMs and multiple FortiGates
Unable to manage FortiGate via ZTNA Limitation to administrative access to
Access Proxy after firmware upgrade to FortiGate via Access Proxy.
7.0.6 or higher
How to configure ZTNA Session Based ZTNA Session-Based Authentication with
Authentication with MFA token MFA token.
ZTNA TCP Forwarding Access Proxy (ZTAP)
File Share Access via ZTNA Access proxy.
for File Shares (SMB)
ZTNA access proxy with KDC to access File Share Access via KDC Proxy endpoint
shared drives protected by ZTNA Access Proxy.
Unable to match firewall policy with ZTNA
Unable to match ZTNA Firewall policy
type when interface assigned to ZTNA VIP when SD-WAN is enabled.
is a SDWAN member
Unable to match ZTNA proxy policy or Unable to match ZTNA proxy or firewall
ZTNA firewall policy when SAML policy when FortiAuthenticator is used as
authentication is enabled SAML IdP.
Unable to match ZTNA Proxy Policy of
Unable to match ZTNA Proxy Policy when
ZTNA Firewall Policy when Geography IP is GeoIP is used in the source address field.
used in source addres...
Unable to access resources protected via
ZTNA Destinations for TCP Forwarding are
ZTNA Access proxy TCP Forwarding when inaccessible when the endpoint is OnSite.
On-Net
Creating On-Fabric Detection Rules to Controlling ZTNA Destination profile based
control ZTNA Destinations Profile on On-Fabric Detection Rules.
How to check ZTNA traffic logs on
Unable to see ZTNA Traffic Logs from
FortiGate when only FortiAnalyzer logging FortiAnalyzer.
is enabled
Introduce simplified ZTNA rules within Comparison between ZTNA Access Proxy
firewall policies Policies and ZTNA Firewall Policies.
ZTNA user blocked with error 'Denied: cert ZTNA Access Proxy blocked by untrusted
auth failed, cert-status:untrusted fail- Certificate between FortiGate and
reason:(null)' FortiClient EMS Security Fabric Connector.
Unable to connect to ZTNA Access Proxy
ZTNA Access proxy connections to FIPS-
server when FIPS-CC is enabled on CC-enabled FortiGate may fail.
FortiGate
ZTNA Tag Matching logic for ZTNA and ZTNA Tag matching logic for secondary
Standard Firewall policies tag type and ZTNA Firewall Policies.

ZTNA Secure Access - IP/MAC Control


Title Description
ZTNA IP MAC based access control example ZTNA NAC Control example.
Assigning a VLAN via NAC policies controlled by ZTNA NAC policies for Switch
tags from EMS Controller with ZTNA Tags.
Resolve error
Error when trying to import
'DYNAMIC_ADDRESS_UPDATE_RETVAL_CMDB_ERROR'
ZTNA tags.
when trying to process/import ZTNA tags
NAC policies for Wireless
Configuring wireless NAC support with ZTNA Tags
Controller with ZTNA Tags.

SSL VPN - FortiClient and FortiGate


Title Description
ZTNA device certificate verification from Enabling SSLVPN Certificate
EMS for SSL VPN connections authentication with ZTNA Certificate.
Restricting Access to SSL VPN Connections
Secure remote access configuration guide
based on ZTNA Tags.

FortiSASE - Access Proxy and Secure Access


Title Description
FortiSASE Endpoint with ZTNA Shortcuts FortiSASE agent-based ZTNA Access proxy
Deployment configuration.
ZTNA Access Proxy and Secure Access
SPA Using ZTNA Deployment Guide
deployment guide.

You might also like

pFad - Phonifier reborn

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.


Alternative Proxies:

Alternative Proxy

pFad Proxy

pFad v3 Proxy

pFad v4 Proxy