Configuring a ZTNA server
To configure a ZTNA server:
- Go to Policy & Objects > ZTNA and select the ZTNA Servers tab.
- Select Create New.
The New ZTNA Server window opens.
- In Type, select IPv4.
Once set up, Type cannot be changed when editing the ZTNA server.
- In Name, enter a name for the server.
- In the Network pane:
  - In the External interface dropdown, select an external interface.
    Select Create to create a new interface.
  - In External IP, enter the external IP address that the clients connect to.
  - In External port, enter 389. By default, LDAP uses port 389.
- In the Services and Servers pane:
  - In the Default certificate dropdown, select Fortinet_Factory.
    Clients are presented with this certificate when they connect to the access proxy VIP.
  - In Service/server mapping, select Create new.
    The New Service/Server Mapping window opens.
    - In Type, select IPv4.
      All hosted servers must be the same address type. The address type cannot be changed after the mapping is created.
    - In Service, select TCP Forwarding.
    - In the Servers pane, add a server by selecting Create new.
      Select an address and enter a port or a port range.
      Click OK.
    - Click OK.
- Click OK.
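For reviewing or scripting the result, the GUI steps above correspond roughly to the following FortiOS CLI objects. This is an added example, not taken from the original page. The object name ZTNA_LDAP, the interface port1, the address 192.0.2.10 and the firewall address object ldap_server are placeholders, and keyword names can differ between FortiOS releases, so compare against the output of show firewall vip and show firewall access-proxy on the device. Lines starting with # are annotations; drop them before pasting.

```fortios
# Added example; all names and addresses below are placeholders.
# The Network pane: external interface, external IP and external port.
config firewall vip
    edit "ZTNA_LDAP"
        set type access-proxy
        set extintf "port1"
        set extip 192.0.2.10
        set extport 389
        set server-type https
        # Default certificate presented to clients at the access proxy VIP.
        set ssl-certificate "Fortinet_Factory"
    next
end

# The Services and Servers pane: one TCP Forwarding mapping with one server.
config firewall access-proxy
    edit "ZTNA_LDAP"
        set vip "ZTNA_LDAP"
        config api-gateway
            edit 1
                set service tcp-forwarding
                config realservers
                    edit 1
                        # Existing IPv4 firewall address object for the LDAP server.
                        set address "ldap_server"
                        set mapped-port 389
                    next
                end
            next
        end
    next
end
```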