Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
aksec
New Contributor

SSLVPN - Azure MFA

Hi Team,

 

Fortigate SSLVPN with Azure integration to use MFA. Do I need to have fortitoken licensed?.

 

http://docs.fortinet.com/document/fortigate-public-cloud/6.4.0/azure-administration-guide/584456

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SAML-authentication-for-f...

 

We tried to set it up and it didn't work and then in a several weeks ticket with support we were told that fortitoken was 100% necessary.

 

Best regards.

AK.

3 REPLIES 3
Toshi_Esumi
SuperUser
SuperUser

I think you should escalate your case to TAC manager. Azure AD MFA is done on Azure AD side. None of our customers who use this arrangement over SAML have FortiTokens.

 

And, this is the MS doc customers followed.
https://learn.microsoft.com/en-us/entra/identity/saas-apps/fortigate-ssl-vpn-tutorial


Toshi

DX-RTR-Group
New Contributor II

When you want to use Azure AD MFA you don't have to use Fortitokens. You will use the Microsoft Entra ID credentials of the users in combination with the Microsoft Authenticator application.

 

ensure that the users have enough time to enter the code.

hbac
Staff
Staff

Hi @aksec,

 

If MFA is handled by Azure, you don't need FortiToken license. What is the issue you are facing and what is the ticket number? 

 

Regards, 

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors