gllgeorgiev1
New Member
January 10, 2025
Question

FortiManager Azure SAML multiple FortiGates


Hello,

We have a bunch of FortiGates which are acting as SSL VPN hubs, and we use Azure SSO for user authentication. So far so good, but recently we bought FortiManager for managing those firewalls, and basically I want to create a single Policy Block which will contain all SSL VPN policies for all resources, so the users can connect to the nearest FortiGate and have the same access whichever FortiGate they connect to. But the issue I am facing is related to Azure SAML configuration and the impossibility of using a single group object ID (retrieved from Azure AAD) which can be applied to all FortiGates...
Please suggest how I can fix this without having separate policies for every single firewall, where, when a change is needed, I need to change the respective policy on all devices.

4 replies

Anthony_E
Staff
January 13, 2025

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Best Regards
Anthony_E
Staff
January 15, 2025

Hello,

 

We are still looking for someone to help you.

We will come back to you ASAP.


Regards,

Best Regards
pminarik
Staff
January 15, 2025

Can you clarify what you mean by "single group object ID"?

As far as I know, individual user groups in Azure ID have their own unique group IDs, but those are static. But maybe that's not what you meant.

gllgeorgiev1
New Member
January 16, 2025

Hello guys, I figured it out - I am creating a common Azure SAML Server configuration on the FortiManager and I put per-device mappings for every firewall inside it.