Skip to main content
CvB
CvB
New Member
August 23, 2022
Question

SSL VPN with Smartcard

  • August 23, 2022
  • 3 replies
  • 4006 views

Hi,

 

I want to configure a SSL VPN with a Smartcard authentication.

Is this possible?

 

Fortigate Version:     6.4.8 build1914 

FortiClient version:   6.4.6.1658

 

Regards

Chris

 

 

3 replies

lol
Staff
lol
Staff
August 25, 2022

Hello,

 

 

2-factor authentication is possible with Fortinet mobile or hardware tokens.

Refer to https://docs.fortinet.com/document/fortigate/7.0.6/administration-guide/323465/fortitokens for the start.

 

 

Regards

    pminarik
    Staff
    pminarik
    Staff
    August 25, 2022

    Client-certificate-based authentication is definitely supported, even when the certificates are stored on a smartcard. I handled a handful of support tickets in the past where customers were using this.

     

    With that said, be aware that weird edgecases do exist and can cause compatibility issues, so please make sure to perform some tests of your chosen smartcard + PC + FortiClient + FortiGate before you commit to it.

      doncacciatoconsuting
      doncacciatoconsuting
      Explorer II
      July 25, 2024

      @pminarik - Interesting...Do you have any implementation documentation for this ?

      pminarik
      Staff
      pminarik
      Staff
      August 2, 2024

      There's heaps of documents for client-certificate-based SSL-VPN authentication, in various states of up-to-date-ness. Try this for example - https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/266506/ssl-vpn-with-certificate-authentication

        doncacciatoconsuting
        doncacciatoconsuting
        Explorer II
        August 2, 2024

        Thanks all, I'm on the right track.

        Terms & ConditionsAccessibility statement