Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
PaulChen
New Contributor

authentication with Azure AD as a SAML IdP

Hi 

My Fortigate device OS version is 7.0.2.

When I configure Azure AD SAML authentication with the document

https://docs.fortinet.com/document/fortigate/7.0.2/administration-guide/33053/outbound-firewall-auth...

333333

Go to step 4,  

  • The SAML IdP sends the SAML assertion containing the user and group.

 

After the browser log in to azure, it seems that it can't return to FortiGate, Whether my identifier (entity ID) uses public IP or private IP.  it aways say:

The connection has timed out

An error occurred during a connection to 192.168.11.1:1003.

2.png

 

 

Who can help me the possible problems?

 

Thanks a  lot 

 

 

 

Hello everyone
Hello everyone
1 Solution
Anonymous
Not applicable

Hello @PaulChen ,

 

               

Welcome to Fortinet community and Thank you for your post. Hopefully, you've been keeping safe and doing well!
 
Could you please run the saml debug when the issue is replicated.
                
#diagnose debug application httpsd -1
#diagnose debug application samld -1
#optionally# diagnose debug console timestamp enable
#diagnose debug enable
Regards

View solution in original post

4 REPLIES 4
Anonymous
Not applicable

Hello @PaulChen ,

 

               

Welcome to Fortinet community and Thank you for your post. Hopefully, you've been keeping safe and doing well!
 
Could you please run the saml debug when the issue is replicated.
                
#diagnose debug application httpsd -1
#diagnose debug application samld -1
#optionally# diagnose debug console timestamp enable
#diagnose debug enable
Regards
PaulChen

Hi Ash , Thanks for your suggestion,  I solved this problem by adding a source port to the firewall policy.

 

Thanks

Paul Chen

Hello everyone
Hello everyone
Cristianonovaes

Hi PaulChen, Could you please detail more how you added this source port? I have the same problem!

tks,

Kapil_Sharma

Hi PaulChen,
Can you share more details and how can I do this

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors