Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
AntoineCOSTA
New Contributor

FortiClient 7.0.8.0427 SAML authentication not Cached

Hi, with the new Forticlient version SAML authentication is no longer cached.

Before the update, we were in 7.0.7.0345 and after the first SAML authentication, the data was cached and the user did not have to reauthenticate several times

during the day.

We erase cookies when the machine is shut down.

 

Is it possible to re-enable this feature?

Or is it possible to download a complete last version (7.0.7.0345)?

15 REPLIES 15
mhberglund
New Contributor II

Thanks for the advice @pminarik - I will schedule some time to test and get logs for the 7200 error.

 

In parallel I have now had a response from Fortinet support. If you want to experience the credentials cached method of login and the "Stay Signed in" feature offered by Azure Active Directory authentication, I have now tested with 7.0.8 and 7.0.9 of FortiClient VPN.

Settings I checked were:

- VPN Options, Do not modify internal browser cookies.

This is a new setting within 7.0.8 and 7.0.9 which is not in 7.0.7

Mikael Berglund, 76BITS
Mikael Berglund, 76BITS
pfournier

'Do not modify internal cookies' worked for me, behaviour is the same as it was prior to the newer versions. Thank you for this suggestion.

itservices3

yes this was working fine on 7.0.8 but now broken again with 7.2.2 !!!

Saml Credentials are not stored anymore even if do not modify internal cookies is ticked. annoying!!

mhberglund

Hi @itservices3 thanks for the heads up. I have not tested version 7.2.2.

Will check it.

Mikael Berglund, 76BITS
Mikael Berglund, 76BITS
pfournier

Any luck with 7.2.2? I want to upgrade as well but I can't if it won't cache the username. 

techdsmart
New Contributor

Did anyone found a solution to this? I am using EMS Version 7.2.2 build 0879. SAML option with Azured IdP was working well in caching username with FortiClient v7.0.7. Trying to upgrade to higher versions, suddenly username is not cached. Same issue on v7.0.8, 7.0.9 and v7.2.1 & 7.2.2.

Running out of luck on which versions supports username caching with SAML since its annoying that users have to enter both their username and password every time they connect to VPN.

FYI, we using internal browser for saml authentications and this is my ssl vpn options xml

 

<?xml version="1.0" ?>
<forticlient_configuration>
	<vpn>
		<enabled>1</enabled>
		<sslvpn>
			<options>
				<enabled>1</enabled>
				<dnscache_service_control>0</dnscache_service_control>
				<prefer_sslvpn_dns>1</prefer_sslvpn_dns>
				<disallow_invalid_server_certificate>0</disallow_invalid_server_certificate>
				<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
				<keep_connection_alive>1</keep_connection_alive>
				<preferred_dtls_tunnel>0</preferred_dtls_tunnel>
				<no_dns_registration>0</no_dns_registration>
				<dont_modify_cookies>1</dont_modify_cookies>
				<negative_split_tunnel_metric/>

 

 

Top Kudoed Authors