SSL VPN with Smartcard

CvB · ‎08-23-2022

Hi,

I want to configure a SSL VPN with a Smartcard authentication.

Is this possible?

Fortigate Version: 6.4.8 build1914

FortiClient version: 6.4.6.1658

Regards

Chris

lol · ‎08-25-2022

Hello,

2-factor authentication is possible with Fortinet mobile or hardware tokens.

Refer to https://docs.fortinet.com/document/fortigate/7.0.6/administration-guide/323465/fortitokens for the start.

Regards

pminarik · ‎08-25-2022

Client-certificate-based authentication is definitely supported, even when the certificates are stored on a smartcard. I handled a handful of support tickets in the past where customers were using this.

With that said, be aware that weird edgecases do exist and can cause compatibility issues, so please make sure to perform some tests of your chosen smartcard + PC + FortiClient + FortiGate before you commit to it.

[ corrections always welcome ]

doncacciatoconsuting · ‎07-25-2024

@pminarik - Interesting...Do you have any implementation documentation for this ?

pminarik · ‎08-02-2024

There's heaps of documents for client-certificate-based SSL-VPN authentication, in various states of up-to-date-ness. Try this for example - https://docs.fortinet.com/document/fortigate/7.4.4/administration-guide/266506/ssl-vpn-with-certific...

[ corrections always welcome ]

doncacciatoconsuting · ‎08-02-2024

Thanks all, I'm on the right track.

SSL VPN with Smartcard

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website