This article describes how to create an SSL VPN with Azure SAML authentication, with optional steps for multiple SSL VPN realms.
The steps below show how to create an SSL VPN with Azure SAML authentication, followed by the optional steps for multiple SSL VPN realms.
A. Configure Azure as SAML authentication IdP.
Note: Remember to assign 'owner and member' and copy the Group Object ID, which will be used later when configuring the FortiGate user group.
Define Attributes & Claims -> edit.
Note: Remember to re-download this certificate if making changes to the FQDN.
B. Configure FortiGate SSL VPN with SAML authentication.
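The following FortiOS CLI sketch is an added example, not configuration from the original article. It shows where the values collected in section A go: the IdP certificate, and the Group Object ID as the match value in the user group. The FQDN, port, tenant ID, object names, certificate names and the `username`/`group` claim names are assumptions or placeholders, and the `#` lines are annotations to drop before pasting.

```fortios
# Added example. Placeholders: vpn.example.com:10443, <tenant-id>, <group-object-id>.
config user saml
    edit "azure-saml"
        # Service provider side (the FortiGate); the URLs must use the same FQDN and port
        # that were entered in the Azure enterprise application.
        set cert "Fortinet_Factory"
        set entity-id "https://vpn.example.com:10443/remote/saml/metadata"
        set single-sign-on-url "https://vpn.example.com:10443/remote/saml/login"
        set single-logout-url "https://vpn.example.com:10443/remote/saml/logout"
        # Identity provider side (Azure); values come from the Azure SAML setup page.
        set idp-entity-id "https://sts.windows.net/<tenant-id>/"
        set idp-single-sign-on-url "https://login.microsoftonline.com/<tenant-id>/saml2"
        set idp-single-logout-url "https://login.microsoftonline.com/<tenant-id>/saml2"
        # Assumed name of the Azure signing certificate after import on the FortiGate.
        set idp-cert "REMOTE_Cert_1"
        # Assumed to match the claim names defined under Attributes & Claims.
        set user-name "username"
        set group-name "group"
    next
end

config user group
    edit "azure-vpn-group"
        set member "azure-saml"
        config match
            edit 1
                set server-name "azure-saml"
                # The Group Object ID copied from Azure in section A.
                set group-name "<group-object-id>"
            next
        end
    next
end
```

Without the `config match` entry, any user who authenticates successfully against the Azure application is treated as a member of the group, so the Object ID match is what restricts VPN access to the intended Azure group.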
C. Optional: Create multiple SSL VPN realms with SAML authentication.
Requirement: Create multiple SAML users and groups (refer to the steps in A. Configure Azure as SAML authentication IdP).
D. FortiClient configuration and testing: