When configuring a FortiClient EMS server (v.7.4.1b1872) on Linux for Administrator SAML SSO with Entra/Azure, it works if I use the default SP Address (<FQDN>), but we'll be locking down port 443 from external access and I would like to use 10443 for the SAML SSO. When configured the same way, adding 10443 per the small blurb of instructions (<FQDN>:10443), it returns an EMS 404 error stating "The requested URL was not found on this server."
If I reconfigure that same SAML entry to just the <FQDN>, updating the appropriate fields and certificate, it works.
I have confirmed that port 10443 is open. The URL in the browser looks correct for the ACS link (https://<FQDN>:10443/saml/default/<UniqueKey>/acs). I don't see any issues offhand, and MS does report a successful login. Attempting to log in as an unapproved user does result in the expected O365 "you do not have permission to log in" page. The server has been rebooted with the desired settings in place with no change.
Because of the anecdotal evidence, the issue appears to be that despite the EMS stating to use the specific ACS link with the included 10443 port, it isn't actually registering that link within itself to accept the credentials, thus a 404 error. Since it works without using the specific port, my guess would be that it does not recognize the port or potentially updating the config to include the port is breaking the config. Is there a way to view this configuration from a config file instead of through the UI?
Any insight would be appreciated.
In System Settings > EMS Settings, do you have the Open Port 10443 option enabled?
Only enforced when Windows Firewall is enabled. Port 10443 is also used for Invitation Email and SAML Authentication.
Created on ‎06-12-2025 05:32 AM Edited on ‎06-12-2025 05:33 AM
Yes, that setting is enabled. I'm able to access the downloads of installers via port 10443, but we hadn't intended on using the email portion so that hasn't been tested.
This is built on a Linux server as well, and ufw does report the port is open.
Copyright 2025 Fortinet, Inc. All Rights Reserved.