We are migrating from SSLVPN to ZTNA on FortiGate 7.6.2. EMS Cloud 7.4.3 and FortiClients 7.2.9 and 7.4.3.
With SSLVPN I am using external browser to our SAML 2FA. What this means is that the users Browser caches the authentication cookie for about 24 hours so they do not need to re-login and get a new 2FA. However, I do not see any option in ZTNA to use an external browser. So every time a user goes some where they need to authenticate with SAML and get a new 2FA.
Is there any way to change this? I would be happy with authenticate once every 8 hours if that is possible.
Hello,
Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Thanks,
Hello,
We are still looking for someone to help you.
We will come back to you ASAP.
Thanks,
Hello,
Did you already have a look at this document?:
Regards,
you should use an option in your Forticlient EMS according to your ZTNA Destionation: "Redirect"
Where is this option. I have not yet seen it.
And how is this related to having to re-authenticate multiple times in a 8 hour window?
User | Count |
---|---|
2517 | |
1347 | |
794 | |
639 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.