New Contributor

Fortigate SSL VPN with Azure AD DNS Issues

I am having a strange issue with configuring FortiGate SSL VPN with Azure AD. I have configured SAML authentication successfully in the past using Google Workspace, but now I need to set up SAML in Azure AD. I am using this guide for reference:


My current configuration will only work while using the IP address of the VPN in my entity-id and single-sign-on-url values. If I use the DNS hostname, I will get an HTTP invalid error when trying to connect to The web login will also not redirect me to the Microsoft sign-in page. Changing the DNS name to the IP address resolved the problem. Please help.




I am running version 7.0.8. I downgraded from 7.2.2 for testing, but that did not make a difference.



New Contributor

FortiGate configuration: 


config user saml
    edit azure
        set cert ssl-vpn
        set entity-id
        set single-sign-on-url
        set single-logout-url
        set idp-entity-id
        set idp-single-sign-on-url
        set idp-single-logout-url
        set idp-cert REMOTE_Cert_1
        set user-name username
        set group-name group

New Contributor


My configuration is working, but still unexpectedly. I found that by connecting to, I am presented with the portal web mode login. If I go directly to https://ip-address, I am redirected to the Azure login portal.

