Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
funkylicious
SuperUser
SuperUser

7.0.17 - breaking SAML

Hi,

 

Anyone else noticing issues with login to SSLVPN using SAML with Entra after upgrade to 7.0.17 for users with FortiClient 7.4.X ?

 

Did an upgrade on FOS to a client and it broke the connection for newer versions butwith FortiClient 7.2.X it appears to work just fine and it used to work also with this version up until upgraded .


A similar issue was also brought up here 

"jack of all trades, master of none"
"jack of all trades, master of none"
1 Solution
JL1
New Contributor

same experience.  Users required to offload saml to external browser. 
Pushed to 7.2.10 as EoES was mentioned in my support ticket 

View solution in original post

5 REPLIES 5
wedniaa2
New Contributor

A simple advice would be to bump yourself up to FortiOS 7.0 and start using external browser for SAML logins. Then you can offload all the cookie shenanigans and username/pwd saving to your default browser, and stop caring what FortiClient makes or breaks next.

https://vlc.onl/
AEK
SuperUser
SuperUser

Hi @funkylicious 

I guess they broke something when they fixed the below in 7.0.17.

1101837

Insufficient Session Expiration in SSLVPN using SAML authentication.

The issue now is that they "may" not fix it in 7.0.x anymore since it is EoES.

AEK
AEK
JL1
New Contributor

same experience.  Users required to offload saml to external browser. 
Pushed to 7.2.10 as EoES was mentioned in my support ticket 

funkylicious
SuperUser
SuperUser

Thanks for your input guys.

Have a nice day!

"jack of all trades, master of none"
"jack of all trades, master of none"
sferoz
Staff
Staff

We are working on this issue and created an engineering ticket #1117475 for tracking, can you help share the config file, FCT and FGT debug logs, TAC case number if any to sferoz@fortinet.com for more investigation.

 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors