Hi, with the new Forticlient version SAML authentication is no longer cached.
Before the update, we were in 7.0.7.0345 and after the first SAML authentication, the data was cached and the user did not have to reauthenticate several times
during the day.
We erase cookies when the machine is shut down.
Is it possible to re-enable this feature?
Or is it possible to download a complete last version (7.0.7.0345)?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Thanks for the advice @pminarik - I will schedule some time to test and get logs for the 7200 error.
In parallel I have now had a response from Fortinet support. If you want to experience the credentials cached method of login and the "Stay Signed in" feature offered by Azure Active Directory authentication, I have now tested with 7.0.8 and 7.0.9 of FortiClient VPN.
Settings I checked were:
- VPN Options, Do not modify internal browser cookies.
This is a new setting within 7.0.8 and 7.0.9 which is not in 7.0.7
'Do not modify internal cookies' worked for me, behaviour is the same as it was prior to the newer versions. Thank you for this suggestion.
yes this was working fine on 7.0.8 but now broken again with 7.2.2 !!!
Saml Credentials are not stored anymore even if do not modify internal cookies is ticked. annoying!!
Hi @itservices3 thanks for the heads up. I have not tested version 7.2.2.
Will check it.
Any luck with 7.2.2? I want to upgrade as well but I can't if it won't cache the username.
Did anyone found a solution to this? I am using EMS Version 7.2.2 build 0879. SAML option with Azured IdP was working well in caching username with FortiClient v7.0.7. Trying to upgrade to higher versions, suddenly username is not cached. Same issue on v7.0.8, 7.0.9 and v7.2.1 & 7.2.2.
Running out of luck on which versions supports username caching with SAML since its annoying that users have to enter both their username and password every time they connect to VPN.
FYI, we using internal browser for saml authentications and this is my ssl vpn options xml
<?xml version="1.0" ?>
<forticlient_configuration>
<vpn>
<enabled>1</enabled>
<sslvpn>
<options>
<enabled>1</enabled>
<dnscache_service_control>0</dnscache_service_control>
<prefer_sslvpn_dns>1</prefer_sslvpn_dns>
<disallow_invalid_server_certificate>0</disallow_invalid_server_certificate>
<warn_invalid_server_certificate>1</warn_invalid_server_certificate>
<keep_connection_alive>1</keep_connection_alive>
<preferred_dtls_tunnel>0</preferred_dtls_tunnel>
<no_dns_registration>0</no_dns_registration>
<dont_modify_cookies>1</dont_modify_cookies>
<negative_split_tunnel_metric/>
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.