Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Fortinet white logo
Fortinet docs logo DOCUMENT LIBRARY
Products Best Practices Hardware Guides Products A-Z
Summary
By Solution
By 4D Pillars
By Cloud
Secure Networking
Unified SASE
Security Operations
Secure SD-WAN
Secure Access Service Edge (SASE)
ZTNA
LAN Edge
Identity and Access Management
Next Generation Firewall
Public Cloud
Private Cloud
FortiCloud
Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
    • More >>
    Unified SASE
  • Single Vendor SASE
  • Cloud Network Security
  • Secure Endpoint Connectivity
  • Web Application / API Protection
    • More >>
    Security Operations
  • Security Operations Automation
  • Identity
  • Early Detection & Prevention
    • More >>
    Secure Networking
  • Hybrid Mesh Firewall
  • NOC Management
  • LAN
  • WAN
  • Communication & Surveillance
    • Unified SASE
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Cloud Network Security
  • Cloud-Native Security
  • Web Application / API Protection
    • Security Operations
  • Security Operations Automation
  • Endpoint
  • Data Protection
  • Identity
  • Email
  • Early Detection & Prevention
  • Expert Services
  • Edge Firewall
  • Orchestration & management
  • SD Branch
  • Application Delivery
  • Single Vendor SASE
  • Secure Endpoint Connectivity
  • Secure Private Access
  • Thin Edge
  • Identity
  • Application Gateway
  • Enterprise Asset Management
  • Endpoint Agent
  • Agentless Security Posture
  • Identity
  • Wireless
  • Switching
  • Identity
  • Privilege Acccess Management
  • Next Generation Firewall
  • Orchestration & management
  • Expert Services
  • All
  • All
  • Account Management
  • SAAS Management
  • SAAS Application Security
  • Managed Services
  • Platform as a service (PAAS)
  • Other SAAS Services
    • 4D Resources
    Solution Hubs
  • 4D Pillars
  • Cloud
  • Popular Solutions

    • CLI Reference

    Home FortiProxy 7.6.0 CLI Reference
    7.6.0
    7.6.1
    7.6.0
    7.4.6
    7.4.5
    7.4.4
    7.4.3
    7.4.2
    7.4.1
    7.4.0
    7.2.12
    7.2.11
    7.2.10
    7.2.9
    7.2.8
    7.2.7
    7.2.6
    7.2.5
    7.2.4
    7.2.3
    7.2.2
    7.2.1
    7.0.19
    7.0.18
    7.0.17
    7.0.15
    7.0.14
    7.0.13
    7.0.12
    7.0.11
    7.0.10
    7.0.9
    7.0.8
    7.0.7
    2.0.13
    2.0.12
    2.0.0
    1.2.4

    config ztna service-connector

    config ztna service-connector

    Configure ZTNA service connector.

    config ztna service-connector
    Description: Configure ZTNA service connector.
    edit <name>
        set status [enable|disable]
        set connection-mode [forward|reverse]
        set forward-address {string}
        set forward-port {integer}
        set forward-destination-cn {string}
        set certificate {string}
        set trusted-ca {string}
        set encryption [enable|disable]
        set ssl-max-version [ssl-3.0|tls-1.0|...]
        set ssl-min-version [ssl-3.0|tls-1.0|...]
        set url-map {string}
        set relay-dev-info [enable|disable]
        set relay-user-info [enable|disable]
        set log [enable|disable]
        set health-check-interval {integer}
    next
end

    config ztna service-connector

    Parameter

    Description

    Type

    Size

    Default

    name

    Service-connector name

    string

    Maximum length: 79

    status

    Service-connector status.

    option

    -

    enable

    Option

    Description

    enable

    Enable the service-connector.

    disable

    Disable the service-connector.

    connection-mode

    Connection mode.

    option

    -

    Option

    Description

    forward

    Forward Service.

    reverse

    Reverse Service.

    forward-address

    service-connector address(IP or FQDN, reverse gateway must configure IP address).

    string

    Maximum length: 255

    forward-port

    Port number that forward traffic uses to connect to

    integer

    Minimum value: 1 Maximum value: 65535

    0

    forward-destination-cn

    CN for forward server.

    string

    Maximum length: 255

    certificate

    The name of the certificate to use for SSL handshake.

    string

    Maximum length: 35

    trusted-ca

    Trusted CA certificate used by SSL inspection.

    string

    Maximum length: 79

    encryption

    Enable/disable Encryption.

    option

    -

    disable

    Option

    Description

    enable

    Enable Encryption.

    disable

    Disable Encryption.

    ssl-max-version

    Highest SSL/TLS version acceptable from a server.

    option

    -

    tls-1.2

    Option

    Description

    ssl-3.0

    SSL 3.0.

    tls-1.0

    TLS 1.0.

    tls-1.1

    TLS 1.1.

    tls-1.2

    TLS 1.2.

    tls-1.3

    TLS 1.3.

    ssl-min-version

    Lowest SSL/TLS version acceptable from a server.

    option

    -

    tls-1.1

    Option

    Description

    ssl-3.0

    SSL 3.0.

    tls-1.0

    TLS 1.0.

    tls-1.1

    TLS 1.1.

    tls-1.2

    TLS 1.2.

    tls-1.3

    TLS 1.3.

    url-map

    URL pattern to match.

    string

    Maximum length: 63

    /tcp

    relay-dev-info

    Enable/disable device info relay.

    option

    -

    disable

    Option

    Description

    enable

    Relay device information to service connector

    disable

    Do not relay device information to service connector.

    relay-user-info

    Enable/disable user info relay.

    option

    -

    disable

    Option

    Description

    enable

    Relay user information to service connector

    disable

    Do not relay user information to service connector.

    log

    Enable/disable logging of traffic.

    option

    -

    enable

    Option

    Description

    enable

    Log all traffic by this service connector.

    disable

    Do not log traffic by this service connector.

    health-check-interval

    health check interval.

    integer

    Minimum value: 0 Maximum value: 600

    60
    Previous
    Next

    config ztna service-connector

    config ztna service-connector

    Configure ZTNA service connector.

    config ztna service-connector
    Description: Configure ZTNA service connector.
    edit <name>
        set status [enable|disable]
        set connection-mode [forward|reverse]
        set forward-address {string}
        set forward-port {integer}
        set forward-destination-cn {string}
        set certificate {string}
        set trusted-ca {string}
        set encryption [enable|disable]
        set ssl-max-version [ssl-3.0|tls-1.0|...]
        set ssl-min-version [ssl-3.0|tls-1.0|...]
        set url-map {string}
        set relay-dev-info [enable|disable]
        set relay-user-info [enable|disable]
        set log [enable|disable]
        set health-check-interval {integer}
    next
end

    config ztna service-connector

    Parameter

    Description

    Type

    Size

    Default

    name

    Service-connector name

    string

    Maximum length: 79

    status

    Service-connector status.

    option

    -

    enable

    Option

    Description

    enable

    Enable the service-connector.

    disable

    Disable the service-connector.

    connection-mode

    Connection mode.

    option

    -

    Option

    Description

    forward

    Forward Service.

    reverse

    Reverse Service.

    forward-address

    service-connector address(IP or FQDN, reverse gateway must configure IP address).

    string

    Maximum length: 255

    forward-port

    Port number that forward traffic uses to connect to

    integer

    Minimum value: 1 Maximum value: 65535

    0

    forward-destination-cn

    CN for forward server.

    string

    Maximum length: 255

    certificate

    The name of the certificate to use for SSL handshake.

    string

    Maximum length: 35

    trusted-ca

    Trusted CA certificate used by SSL inspection.

    string

    Maximum length: 79

    encryption

    Enable/disable Encryption.

    option

    -

    disable

    Option

    Description

    enable

    Enable Encryption.

    disable

    Disable Encryption.

    ssl-max-version

    Highest SSL/TLS version acceptable from a server.

    option

    -

    tls-1.2

    Option

    Description

    ssl-3.0

    SSL 3.0.

    tls-1.0

    TLS 1.0.

    tls-1.1

    TLS 1.1.

    tls-1.2

    TLS 1.2.

    tls-1.3

    TLS 1.3.

    ssl-min-version

    Lowest SSL/TLS version acceptable from a server.

    option

    -

    tls-1.1

    Option

    Description

    ssl-3.0

    SSL 3.0.

    tls-1.0

    TLS 1.0.

    tls-1.1

    TLS 1.1.

    tls-1.2

    TLS 1.2.

    tls-1.3

    TLS 1.3.

    url-map

    URL pattern to match.

    string

    Maximum length: 63

    /tcp

    relay-dev-info

    Enable/disable device info relay.

    option

    -

    disable

    Option

    Description

    enable

    Relay device information to service connector

    disable

    Do not relay device information to service connector.

    relay-user-info

    Enable/disable user info relay.

    option

    -

    disable

    Option

    Description

    enable

    Relay user information to service connector

    disable

    Do not relay user information to service connector.

    log

    Enable/disable logging of traffic.

    option

    -

    enable

    Option

    Description

    enable

    Log all traffic by this service connector.

    disable

    Do not log traffic by this service connector.

    health-check-interval

    health check interval.

    integer

    Minimum value: 0 Maximum value: 600

    60
    Previous
    Next