Description
This article describes an example configuration for a VPNSSL + SAML solution using the OneLogin platform as the IdP.
Scope
User-SAML using OneLogin as IdP.
Solution
Topology:
VPNSSL-Client ===== Internet ===> | FortiGate-VPNSSL
Example:
config user group
    edit "ONELOGINGROUP"
        set group-type firewall
        set authtimeout 0
        set auth-concurrent-override disable
        set http-digest-realm ''
        set member "ONELOGINGSSLVPN"
    next
end
config vpn ssl settings
    config authentication-rule
        edit 1
            set groups "ONELOGINGROUP"
            set portal "web-access"
        next
    end
end
Additional suggestion: If the redirection to the SAML-Authentication portal fails, use the debugging steps shown below.
In cases where SAML-Authentication portal redirection succeeds but the authentication fails at the end, check the logging report as per the images below. The logging report can aid in discerning the root cause of an authentication failure.
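The group above lists "ONELOGINGSSLVPN" as its member; the following is an added example (not part of the original article) of the SAML user object that name refers to, followed by the standard FortiOS debug commands for tracing a failed SAML login. Every value in angle brackets is a placeholder, and the "username" attribute name is an assumption that must match the parameter configured in the OneLogin application.

```fortios
# Added example: all <...> values are placeholders, not taken from the article.
# SAML user object referenced by "set member" in the user group.
config user saml
    edit "ONELOGINGSSLVPN"
        set cert "<fortigate-sp-certificate>"
        set entity-id "https://<fortigate-fqdn>:<sslvpn-port>/remote/saml/metadata"
        set single-sign-on-url "https://<fortigate-fqdn>:<sslvpn-port>/remote/saml/login"
        set single-logout-url "https://<fortigate-fqdn>:<sslvpn-port>/remote/saml/logout"
        set idp-entity-id "<onelogin-issuer-url>"
        set idp-single-sign-on-url "<onelogin-saml-sso-endpoint>"
        set idp-single-logout-url "<onelogin-slo-endpoint>"
        set idp-cert "<imported-onelogin-certificate>"
        # Assumed attribute name; must match the SAML parameter sent by OneLogin.
        set user-name "username"
    next
end

# Trace the SAML exchange and the SSL VPN daemon while reproducing the failure.
diagnose debug reset
diagnose debug application samld -1
diagnose debug application sslvpn -1
diagnose debug enable

# After reproducing the login attempt, turn debugging off again.
diagnose debug disable
diagnose debug reset
```

The samld output includes the received assertion and its attributes, so a mismatch between the three SP URLs here and the values entered in the OneLogin application, or a wrong IdP certificate, shows up there. Disable the debug when finished, since the output contains user identity data.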
Copyright 2024 Fortinet, Inc. All Rights Reserved.