We currently have an SSL VPN configured for clients leveraging LDAP for authentication. We would like to move to Google SAML SSO for authentication, but need to test the configuration before disrupting current VPN clients. Is it possible to operate with both authentication methods active on a single Fortigate? Or should we schedule some VPN downtime to tinker with the Google SAML SSO config?
We are currently running FortiOS v7.2 Thanks in advance for any assistance.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @bwhelan
Thank you for reaching out.
I believe it is possible.
Please have a look here for more information:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Fortinet-SSL-VPN-with-G-Suite-MFA-using-SA...
https://docs.fortinet.com/document/fortigate/5.6.0/cookbook/226712/saml-2-0-fsso-with-fortiauthentic...
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/724772/ssl-vpn-multi-realm
Regards
Hi @bwhelan
Thank you for posting your query.
Yes, it is possible. The user will be redirected to the SAML IDP when you will enable the SAML setting in Forticlient post configuring the SAML configuration on FortiGate.
For configuration please the links shared by @dbu .
Regards
Priyanka
- Have you found a solution? Then give your helper a "Kudos" and mark the solution
Hello @bwhelan
Hope you are doing well.
Yes, it is possible you can create and add the saml sso of google on the firewall and create realm on Fortigate so that you can have individual groups and authentication methods.
Example:
You can create realm portal for each user group and test between LDAP and SAML authentication methods.
refer to the article for the steps:
SAML authentication:
-As suggested earlier by Priyanka please configure on ssl vpn different connection to save the credentials of the test user.
Let us know if these steps helped or not.
Regards,
Manasa
Realm:
https://docs.fortinet.com/document/fortigate/6.2.15/cookbook/724772/ssl-vpn-multi-realm
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1714 | |
1093 | |
752 | |
447 | |
232 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.