Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
systemgeek
Contributor II

ZTNA re-authentication question.

We are migrating from SSLVPN to ZTNA on FortiGate 7.6.2.  EMS Cloud 7.4.3 and FortiClients 7.2.9 and 7.4.3.

 

With SSLVPN I am using external browser to our SAML 2FA.  What this means is that the users Browser caches the authentication cookie for about 24 hours so they do not need to re-login and get a new 2FA.  However, I do not see any option in ZTNA to use an external browser.  So every time a user goes some where they need to authenticate with SAML and get a new 2FA.

 

Is there any way to change this?  I would be happy with authenticate once every 8 hours if that is possible.

5 REPLIES 5
Anthony_E
Community Manager
Community Manager

Hello,


Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello,

We are still looking for someone to help you.

We will come back to you ASAP.


Thanks,

Anthony-Fortinet Community Team.
Anthony_E
Community Manager
Community Manager

Hello,

 

Did you already have a look at this document?:

https://docs.fortinet.com/document/forticlient/latest/ems-administration-guide/543857/ztna-destinati...

 

Regards,

Anthony-Fortinet Community Team.
vdamaskin
New Contributor

you should use an option in your Forticlient EMS according to your ZTNA Destionation: "Redirect"

 

Screenshot 2025-05-30 154701.png

systemgeek

Where is this option.  I have not yet seen it.  

 

And how is this related to having to re-authenticate multiple times in a 8 hour window?

Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors