Skip to main content
guchinife
guchinife
New Member
April 2, 2024
Question

Firewall policies with AD user groups

  • April 2, 2024
  • 3 replies
  • 1312 views

Hello
I have configured in Fortigate two SSO (Single Sign-On) against Azure AD:
- One of them is to authenticate WIFI accesses.
- The other one is to authenticate user accesses to the VPN-SSL.

I want to create "Firewal Policy" based on Azure AD user groups.
What would be the best option for this?
-Create another SSO
-Set up an LDAP connection or use an existing SSO?
-Use one of the existing SSO's

Thank you...

 

3 replies

spoojary
Staff
spoojary
Staff
April 3, 2024

If one of your existing SSO configurations already integrates with Azure AD and meets your requirements for firewall policies, you can certainly use it for this purpose. This option might be simpler and more efficient if the existing configuration aligns with your needs.

hbac
Staff
hbac
Staff
April 3, 2024

Hi @harisp7,

 

In the source column, you need to see FSSO group and an address object for internal subnet. 

 

Regards, 

Terms & ConditionsCookie settingsAccessibility statement