We're currently experiencing issues with the FortiClient VPN with Azure SSO connection.
We have around 150 users for who it works perfectly fine, but for two users it doesn't work, they instead get the message "You've signed out of your account", followed by a 'Session ended' screen from FortiGate.
I've done some research online and have tried the following fixes and tests:
> The Forticlient on the specific users laptop works when signing in with a different account
> Their account doesn't work on my laptop, where my accounts do work
This basically concludes it's an account issue and not a device issue.
Next i've checked/done the following this:
> Made sure they are members of the SSO group with access for the FortiClient SSO
> Reset their Refresh Tokens in Azure
> The Enterprise application shows a successful login for the user with issues
> The user sign-in history shows only successful logins as well
Resetting the RefreshToken in Azure did solve the problem for one user, but for the second one the issue still persists. I have ran out of idea's as to what we can try next, so hopefully someone here as an idea!
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
You should take SAML debugs in order to see what the specific error is.
I think we are matching the behavior seen in this document, you can take the debugs seen there to confirm:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Azure-SAML-group-mismatch-getting-error-re...
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1698 | |
1092 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.