is there any use case wherein I can integrate 2FA with ZTNA?
Current setup we are using SSL VPN to access our internal resources such as RDP. SSL VPN users tied up to FToken.
Now we want to explore how the ZTNA works. Cant figure out how to maintain 2FA without SSL VPN and through ZTNA my staff could access our internal resources.
Solved! Go to Solution.
Hey R_F,
you have essentially two options to integrate 2FA with ZTNA setup:
-> you can do a SAML authentication against a FortiAuthenticator, for example, which would then prompt for the token code
-> you could do form-based authentication (basic does not support two-factor authentication)
-> you might have to enable two-factor authentication in the proxy authentication rule (via CLI)
For example:
I hope this helps :)
Hello R_F,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hey R_F,
you have essentially two options to integrate 2FA with ZTNA setup:
-> you can do a SAML authentication against a FortiAuthenticator, for example, which would then prompt for the token code
-> you could do form-based authentication (basic does not support two-factor authentication)
-> you might have to enable two-factor authentication in the proxy authentication rule (via CLI)
For example:
I hope this helps :)
Thanks @Debbie_FTNT . missed out that document.
Hi,
Thanks for the above info. Do you know if it's possible to use ZTNA with FortiToken to access non web resources? When we test it only works for HTTP/S.
Regards,
Kieron
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.