Fortinet ZTNA Access Proxy dropping traffic
Code: 7.2.2 ZTNA Proxy dropping traffic
This also affects other versions of the code.
The end user is using ZTNA to provide a terminal services gateway to some remote staff and is finding that traffic dies for all users every 5 minutes or so.
Microsoft Remote Desktop is pretty good at resuming the connection, but it is still an annoying interruption. Coincidentally, they also see the WAD crashing issue on the FortiGate.
More and more, it is looking like the two are related. The end user has a ticket open with Fortinet based on the WAD crashing and has also asked the question about ZTNA.
Solution: This is a known bug in the code. You can work around it by not using the ZTNA tags: the tags are what cause the issue, while the FortiGate processes the tag updates from the EMS cloud or server.
Fortinet ZTNA does have issues at this time.
End user reports after fix: As soon as they removed the tags, the sessions are now stable!
Fortinet TAC stated this was fixed in Code 7.0.8 and would be fixed in Code 7.2.8, due out next month.
After upgrading to FGT 7.2.x from 7.2.0, there is a conversion format change on the EMS tags that causes the tags not to match the proxy policy, and the traffic will be dropped!
The workaround is to reset the tags and reboot the FGT.
Resetting the tags means removing them and adding them back, which is needed because of the conversion in the tag format. After that step, if you hover over the tags, they will display the endpoint connection. If you still have issues, you can try a reboot after resetting the tags!