Cybersecurity Forum

This forum is for all security enthusiasts to discuss Fortinet's latest & evolving technologies and to connect & network with peers in the cybersecurity hemisphere. Share and learn on a broad range of topics like best practices, use cases, integrations and more. For support specific questions/resources, please visit the Support Forum or the Knowledge Base.

KeitCope
New Contributor

SSLVPN using Azure AD (SAML)

Hello,
Does anyone know if its possible to configure an SSLVPN using Azure AD (SAML) for the user accounts?
Do I require a FortiAuthenticator to achieve this?

Does anyone know if this is not possible if its on Fortinets roadmap to implement, as LDAP becomes less common and SAML is growing?

thanks very much
1 Solution
dred_FTNT
Staff
Staff

There is  FortiOS NFR 505485 for implementing the SP role in FortiGate, which would allow SSO for SSL VPN users using Azure AD as the IdP.    This would address your scenario without FAC.  
I am not sure what the status is of that NFR.   We've also seen requests for the FortiClient to support SAML SSO for tunnel mode SSL VPN. 
Please check with the FOS team for latest.

David Redberg Fortinet Product Manager

View solution in original post

1 REPLY 1
dred_FTNT
Staff
Staff

There is  FortiOS NFR 505485 for implementing the SP role in FortiGate, which would allow SSO for SSL VPN users using Azure AD as the IdP.    This would address your scenario without FAC.  
I am not sure what the status is of that NFR.   We've also seen requests for the FortiClient to support SAML SSO for tunnel mode SSL VPN. 
Please check with the FOS team for latest.

David Redberg Fortinet Product Manager