Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
hflorian
New Contributor II

Created on ‎07-10-2025 07:15 AM

FortiClient VPN conflicting with Microsoft Intune

In our environment, we use FortiClient VPN version 7.0.14.0585. We started researching into the possible benefits of Intune, so I configured enrollment, compliance polices, and a simple BitLocker requirement. Those are the only changes to our Entra/Intune environment that I made. Soon, I had rolled Intune out onto a few computers in our division. One of our employees notified us of issues connecting to the VPN, and we suspected Intune to be at fault. Sure enough, when Intune was removed the issue went away.

 

Screenshot is attached. When clicking yes, you are brought a blank page with a 300 second time out.Click to collapse FortiSIEM grouphubScreenshot 2025-07-10 085122.jpg

Labels:
646
0 Kudos
1 Solution
btan
Staff & Editor
Staff & Editor

Created on ‎07-11-2025 12:17 AM

As @sharmar mentioned above, if you have Conditional Access Policy checking, you will have to use 'external browser', refer: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Implementing-device-based-Conditional-Acce... 

Regards,
Bon

View solution in original post

579
5 REPLIES 5
sharmar
Staff
Staff

Created on ‎07-10-2025 03:26 PM

Hello @hflorian 

 

If you want to use intune compliance with saml, then make you use the external browser, I believe it doesn't support with internal browser. 

 

Thank you !! 

608
btan
Staff & Editor
Staff & Editor

Created on ‎07-11-2025 12:17 AM

As @sharmar mentioned above, if you have Conditional Access Policy checking, you will have to use 'external browser', refer: https://community.fortinet.com/t5/FortiGate/Technical-Tip-Implementing-device-based-Conditional-Acce... 

Regards,
Bon
580
hflorian
New Contributor II
In response to btan

Created on ‎07-11-2025 05:35 AM

Hey, thanks very much.  Looking into what I can do on the Intune side of things.  Our environment uses the free version of FortiClient.

554
0 Kudos
hflorian
New Contributor II
In response to btan

Created on ‎07-11-2025 05:43 AM Edited on ‎07-15-2025 05:24 AM

Microsoft uses PRTs to validate sessions, and the VPN gets in the way of that validation.  The free version of the VPN has a "Enable auto-login with Azure Active Directory" option.  I can't verify functionality right now, but when I start the VPN I no longer get the script error pop-up.image.png

548
0 Kudos
hflorian
New Contributor II
In response to hflorian

Created on ‎07-15-2025 05:31 AM

This was not the solution, and I soon realized the external browser is an option on the free version too.  That is now working.  Thanks everyone!

451
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.