Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MoccaMaster
New Contributor III

Created on ‎05-03-2023 02:19 AM

Configure SSLVPN to use SSO using EMS

We have been using EMS previously for configure my FortiClients to autodeploy VPN connection using the classic SSLVPN with username/password options.

 

Now we have configures our VPN connection to utilize AzureAD using SAML login.

However, I dont see this option when configuring VPN settings in the EMS settings. 

On the client its a simple tick on/off option, but its seems like this is not possible when deploying the settings from EMS. 

Are there any tricks to utilize this? I have downloaded EMS 7.2, and there is not option to enable SSO, when configuring the VPN connection.

 

 

Labels:
3701
1 Solution
rosatechnocrat
Contributor II

Created on ‎05-03-2023 03:09 AM

You may want to check the below Article. This shows all the steps to integrate and deploy SAML using Azure AD. 

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/967cd9f0-70ff-11ed-8e6d-fa163e...

Rosa Technocrat --

Also on YouTube---

Please do Subscribe

View solution in original post

Rosa Technocrat --Also on YouTube---Please do Subscribe
3693
0 Kudos
3 REPLIES 3
rosatechnocrat
Contributor II

Created on ‎05-03-2023 03:09 AM

You may want to check the below Article. This shows all the steps to integrate and deploy SAML using Azure AD. 

 

https://fortinetweb.s3.amazonaws.com/docs.fortinet.com/v2/attachments/967cd9f0-70ff-11ed-8e6d-fa163e...

Rosa Technocrat --

Also on YouTube---

Please do Subscribe
Rosa Technocrat --Also on YouTube---Please do Subscribe
3694
0 Kudos
MoccaMaster
New Contributor III

Created on ‎05-03-2023 03:41 AM Edited on ‎05-03-2023 04:20 AM

@rosatechnocrat  thanks for the response, however this is not what I wanted. 

I have configured my Fortigate to use AzureAD SSO (SAML), and the forticlient should just contact the Fortigate using SSO. 

However, using the document I found a way to solve my issue.

If anyone else coming by this is how I managed to get it solved.: 
In EMS > Endpoint Profiles, edit you profile (I was still on 7.0.2 at this time). 

In the profile you need to edit the XML Configuration in the "XML Configuration" Tab. 

Scroll down to the <vpn> section, find your connection and change <sso_enabled> value from 0 to 1

Save the config, and wait for the clients to sync the settings. 

3685
rosatechnocrat
Contributor II

Created on ‎05-03-2023 03:49 AM

@MoccaMaster : Thanks for the update and glad the issue was resolved. I had given that doc as it contain almost all steps. Was not sure what might be missing for you.

 

 

Thanks again and for accepting the solution. 

Rosa Technocrat --

Also on YouTube---

Please do Subscribe
Rosa Technocrat --Also on YouTube---Please do Subscribe
3684
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.