Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

MFA on SSL via Cisco Duo

Current Configuration: We have Radius Server configured in our Active Directory machine, which is also used in FortiGate as Radius Server, where users are authenticated in FortiClient. 
In Cisco Duo, All computers are configured to use MFA for windows login via Active directory sync.
Issue: I want to integrate MFA in SSL VPN, while user's login in FortiClient. I'm using Radius client as my primary authenticator.  While validating the config in Duo Proxy, I have this message:
warn: We cannot confirm that the Auth Proxy was able to establish a RADIUS connection to In the case of an actual failure this may be due to a misconfigured secret or network issues. This may also happen if the upstream RADIUS Server does not support the Status-Server message
error: Connectivity validation was not successful

Screenshot 2024-06-08 090307.png


Screenshot 2024-06-08 072309.pngScreenshot 2024-06-08 072410.pngScreenshot 2024-06-08 072934.png



I believe this question is related to duo proxy not to fortigate, you can refer to this article:


As fortigate status is connected, check if you can test the credentials 

Amritpal Singh

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Top Kudoed Authors