| Description |
This article explains a scenario where SAML authentication is configured correctly but the user receives an error when connecting to SSL VPN with SAML authentication. A workaround is included. |
| Scope | Any supported versions of FortiGate and FortiClient. |
| Solution |
When the user connects to SSL VPN using SAML authentication, the error message 'login page did not respond within time limit' appears during the first attempt, followed by an 'ERR_EMPTY_RESPONSE' error. However, the user can connect on the second attempt without any errors.
This timeout limit will appear if the user’s password has not been entered within a specified period or when the authentication to the SAML identity provider takes longer than the timeout configured on the FortiGate.
To prevent the issue from occurring, increase the remote authentication timeout accordingly with the following CLI commands:
# config system global set remoteauthtimeout 60 end |
