Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aksec
New Contributor

SSLVPN - Azure MFA

Hi Team,

 

Fortigate SSLVPN with Azure integration to use MFA. Do I need to have fortitoken licensed?.

 

http://docs.fortinet.com/document/fortigate-public-cloud/6.4.0/azure-administration-guide/584456

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SAML-authentication-for-f...

 

We tried to set it up and it didn't work and then in a several weeks ticket with support we were told that fortitoken was 100% necessary.

 

Best regards.

AK.

3 REPLIES 3
Toshi_Esumi
Esteemed Contributor III

I think you should escalate your case to TAC manager. Azure AD MFA is done on Azure AD side. None of our customers who use this arrangement over SAML have FortiTokens.

 

And, this is the MS doc customers followed.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/fortigate-ssl-vpn-tutorial


Toshi

DX-RTR-Group
New Contributor II

When you want to use Azure AD MFA you don't have to use Fortitokens. You will use the Microsoft Entra ID credentials of the users in combination with the Microsoft Authenticator application.

 

ensure that the users have enough time to enter the code.

hbac
Staff
Staff

Hi @aksec,

 

If MFA is handled by Azure, you don't need FortiToken license. What is the issue you are facing and what is the ticket number? 

 

Regards, 

Labels
Top Kudoed Authors