FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes about an error in FortiClient VPN showing 'Error: The authentication did not complete within the specified timeout. Please try again' when connecting VPN using SAML.
Scope
FortiClient VPN connecting with SAML configuration.
Solution
Most of the issue is caused by the interruption between SAML request and reply.
One of the common reasons is that the FortiGate gets the connection timeout while waiting for the SAML request and reply, which could be due to network delay, slow IdP response, or issues while fetching data from IdP (two factor, MFA). If the entire authentication process took longer than the remote authentication timeout, the FortiGate will terminate the whole process.
To resolve this issue, the customer should always make sure that the FortiGate has remote timeout configuration well-configured.
config system global set remoteauthtimeout <1-300s> end
The default value is 5 seconds. It is recommended to increase this value.
