Administration Guide

Configuring a zero trust tunnel example

For information on Zero Trust Network Access (ZTNA), see Zero Trust Network Access introduction in the FortiOS Admin Guide.

This example shows zero trust tunnel-related configuration for FortiAuthenticator.

For detailed zero trust tunnel configuration, including setting up a remote zero trust server, see the Setting up a zero trust tunnel recipe in the FortiAuthenticator Cookbook on the Fortinet Docs Library.

Configuring a zero trust tunnel on FortiAuthenticator
To configure a zero trust tunnel:
  1. Go to System > Network > Zero Trust Tunnels.
  2. Select Create New.

    The Create New Zero Trust Tunnel window opens.

  3. In Name, enter a name for the zero trust tunnel.
  4. In URL, enter the URL of the zero trust tunnel.
  5. In the Client certificate dropdown, select a certificate.
  6. Click OK.

Configuring an LDAP server with zero trust tunnel enabled on FortiAuthenticator
To configure an LDAP server:
  1. Go to Authentication > Remote Auth. Servers > LDAP, and select Create New.
  2. In Create New LDAP server:
    1. In Name, enter a name.
    2. Enable Use Zero Trust tunnel and from the dropdown select a zero trust tunnel.
    3. In Primary Server IP, enter the IP address of the server.
    4. In Port, enter the port number.
    5. In Base distinguished name, enter a base distinguished name.
    6. In Bind Type, select Regular.

      Enter the username and password for the LDAP user.

  3. Click OK.
