Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
secsupport
New Contributor II

Configure Fortigate SSL VPN to use Azure AD as SAML

I have configured all the steps but after login in using sso an error occurred well I don't know the reason for

I have attached kindly see and what should be the solution azure saml error.jpegd the solution

4 REPLIES 4
Markus_M
Staff
Staff

Hey,

 

you might want to detail what "all the steps" you have followed. You are using FGT as a SAML SP, and Azure as SAML IdP? Which FortiOS version do have there?

 

Best regards,

 

Markus

JackTrades
New Contributor

im excited to hear the the fortigate does support saml, i have to update my firmware, because this feature seems not to be available in 6.47.

However i did achieve the integration over radius with the NPS Plugin for Azure AD MFA.

Toshi_Esumi
SuperUser
SuperUser

It should support. One of our customers on our FGT with 6.2.10 just tested SAML last week and worked fine without much debugging. They currently uses NPS RADIUS proxy path probably backed by the same Azure AD and wanted to migrate to SAML. Since many of users currently have much older than FortiClient VPN 6.4, they need to upgrade them to be able to use SAML method for their SSL VPN.

 

Toshi

Debbie_FTNT
Staff
Staff

To clarify Toshi's statement above:

Web-based SSLVPN supports SAML from 6.2; tunnel-based works with FortiGate 6.2, but requires at least FortiClient 6.4.

Regarding FortiGate 6.4 not supporting SAML - it does, but most of the configuration is CLI only; you won't find anything in GUI until after you have configured at least the SAML server entry in CLI.

+++ Divide by Cucumber Error. Please Reinstall Universe and Reboot +++
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors