Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
random_guy
New Contributor III

SSL VPN Device Auth?

Is it possible to authenticate the device along with the user when connecting to an SSL VPN using the free FortiClient VPN-only app? Currently using Azure SAML w/ MFA. We'd like to prevent users from trying to sign in with their personal devices.

Thanks

Astroluna
New Contributor

Yes, it is possible to authenticate the device along with the user when connecting to an SSL VPN using the free FortiClient VPN-only app. This can be achieved by enabling a feature called "Endpoint Control" in your FortiGate SSL VPN configuration.

With Endpoint Control enabled, the FortiGate VPN gateway will perform a device compliance check before allowing a user to connect to the VPN. This check can include verifying that the device has certain software installed, checking for the presence of security updates, and ensuring that the device meets other policy requirements.

To configure Endpoint Control, you will need to:

  1. Enable Endpoint Control on your FortiGate SSL VPN gateway.
  2. Define a compliance profile that specifies the requirements for devices connecting to the VPN.
  3. Configure the FortiClient VPN-only app to connect to your SSL VPN gateway with Azure SAML authentication and MFA.
  4. Test the configuration to ensure that only compliant devices can connect to the VPN.

By using Endpoint Control, you can prevent users from connecting to the VPN with unapproved or personal devices, helping to secure your network and data.