Hello, we have fortigate, deployed in Azure. We have configured SAML for authentication/authorizations for FortiVPN. Now we are also planning delpoy another fortigates on ESXi infrastructure, where we also need to configure FortiVPN with SAML. Qsuestion is Can I have one SAML application on azure which will be mapped with both fortigates? AD groups, and policies will be the same.
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Yes, you can!
The Single sign-on section for SAML method in Enterprise Applications allows you to define values for multiple Service Providers (~multiple FortiGates):
The only requirement for this to properly work is that the SP (=FortiGate SSL-VPN) includes the ACS (login) URL in the AuthnRequest, so that the IdP (Azure) knows where to redirect to once done (if not included, Azure will redirect to the first/default URL configured). Fortunately, FortiGate indeed includes this value in the request, so everything should work. :)
Hi @1mm,
I don't think so as Entity ID, reply URL, etc will be different between FortiGates.
Regards,
Yes, you can!
The Single sign-on section for SAML method in Enterprise Applications allows you to define values for multiple Service Providers (~multiple FortiGates):
The only requirement for this to properly work is that the SP (=FortiGate SSL-VPN) includes the ACS (login) URL in the AuthnRequest, so that the IdP (Azure) knows where to redirect to once done (if not included, Azure will redirect to the first/default URL configured). Fortunately, FortiGate indeed includes this value in the request, so everything should work. :)
Thanks for your reply,
But as I see Sign on URL
you cant add 2 entries, or its not mandatory for authentication?
Multiple ACS/Reply URLs is sufficient for things to work.
Sign on URL can be left empty/singular (whichever option Azure allows).
Thanks for your help!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1629 | |
1063 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.