Skip to main content
Rdelvi
Rdelvi
New Member
February 16, 2022
Question

Configure forticlient with Azure SSO

  • February 16, 2022
  • 1 reply
  • 3333 views

Hello Everyone,

I have a problem configuring  the Forticlient  with Azure SSO (Azure in mode hybrid using ADFS, my account has MFA configured too). When I want to connect and login, don't show me to put the username and password. In the web forticlien version, this is working.

I tried with forticlient (ver 6  and 7) and windows 10.

Someone has configured forticlient with Azure SSO?

Thanks a lot.

1 reply

Debbie_FTNT
Staff & Editor
Debbie_FTNT
Staff & Editor
February 17, 2022

Hey Rdelvi,

are you trying a setup with SAML authentication, or what exactly do you mean with Azure SSO in this context?

If SAML:

Do you have the Single-Sign-On option enabled in SSLVPN?

Debbie_FTNT_0-1645090112778.png

If yes, then you should see an SSO login option only when trying to connect to VPN; this will open a browser through FortiClient and direct you to Azure for the login. You don't actually type the username/password into FortiClient directly.

 

If this is not SAML, can you elaborate on the FortiGate side setup and how the user should be authenticated against Azure? You will also need to disable the Single Sign On option in VPN tunnel, as that is only for SAML login.

Maerre
Maerre
Explorer III
March 30, 2023

Hello,

 

i'm going to do the same implementation, where do i have to issue the cli command?

On the root vdom, on the global or in another vdom?

 

thank you

Julien87
Julien87
Contributor II
March 30, 2023

Hi,

 

I have follow this link for my MFA with Azure and it's ok. Warning just with slash / at the end of idp-entity-id (if my mind is good....)

 

https://www.ultraviolet.network/post/implementation-guide-fortigate-ssl-vpn-with-microsoft-azure-saml-2fa 

 

 

Best regards,

Terms & ConditionsAccessibility statement