Help
FortiGate Azure Discussions & Onboarding Information
avenditti
Staff
Staff

Created on ‎02-11-2025 03:32 AM

FortiOS integration with Azure (WiFi users)

Hi guys,

 

I have a customer requesting FortiOS integration with Azure to authenticate WiFi users.

 

While researching, I found numerous references related to VPN user authentication.

What seems odd to me is that in all the articles, Azure requires specifying the authentication purpose. For example:
"Go to Enterprise Applications → New Application → Search for 'FortiGate' → Select 'FortiGate SSL VPN' and assign a name."

 
 

From my perspective, a FortiGate user group can be used for various services (VPN authentication, firewall policy authentication, captive portal authentication, etc.), so why does Azure require defining a specific ones?

More importantly, if I create a group for VPN authentication in Azure, could this prevent it from working for firewall policy authentication or other use cases?

 

Thanks in advance

A

 

 

Labels:
128
0 Kudos
2 REPLIES 2
Dhruvin_patel
Staff
Staff

Created on ‎02-11-2025 02:30 PM

Greetings!

 

I understand you would like to authenticate wifi users with azure.

What authentication method are looking to use?

 

The information you have posted is required if you would like to authenticate using the SAML-based authentication method.

"""

What seems odd to me is that in all the articles, Azure requires the authentication purpose to be specified. For example:
"Go to Enterprise Applications → New Application → Search for 'FortiGate' → Select 'FortiGate SSL VPN' and assign a name."

"""

 

First of all, please tell us which authentication methods you would like to use.

 

Regards!

Dhruvin Patel
89
avenditti
Staff
Staff
In response to Dhruvin_patel

Created on ‎02-13-2025 12:45 AM

First of all thank you Dhruvin,

 

what I know is that the Customer currently uses an SSID with the security mode set to WPA2-Enterprise and performs authentication through a "Local" LDAP group.

current confcurrent conf

I have no constraints on using a SAML-based authentication method, my only requirement is to replicate the current setup (or make the necessary adjustments) using Azure instead of the Local LDAP.

I have no experience with Azure integration, so I might be missing some key references.

 

Regards,

Angelo

76
0 Kudos
Announcements

Welcome to your new Fortinet Community!

You'll find your previous forum posts under "Forums"

Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.