Hi all, I'm in need of some assistance. I have been on this task for 2 days and I cannot figure out what's wrong with my settings.
I have set up an AWS EC2 image of Fortinet and followed multiple websites and YouTube videos, however I just don't seem to be able to establish a VPN connection using Azure SSO.
Below is my config:
- Public DNS entry added, vpn.domainname.com.au A record to public IP of gateway.
- Let's Encrypt cert is added and valid.
- Currently not set to a custom port, however I have also tried port 10443 and updated the SAML config, same issue.
```
config user saml
    edit "azure"
        set cert "certificatenameblankedout"
        set entity-id "https://domainname/remote/saml/metadata"
        set single-sign-on-url "https://domainname/remote/saml/login"
        set single-logout-url "https://domainname/remote/saml/logout"
        set idp-entity-id "https://sts.windows.net/XXXXXXXX/"
        set idp-single-sign-on-url "https://login.microsoftonline.com/XXXXXXXX/saml2"
        set idp-single-logout-url "https://login.microsoftonline.com/XXXXXXXX/saml2"
        set idp-cert "REMOTE_Cert_1"
        set user-name username
        set group-name group
    next
end
config user group
    edit FortiGateVPN
        set member "azure"
        config match
            edit 1
                set server-name "azure"
                set group-name "(azure security group object id XXXXXXXX)"
            next
        end
    next
end
```
The screenshot below is what I get when testing the Azure SSO user in the Azure portal.
This is the error when trying to use FortiClient and connect.
Fortinet config
Azure settings.
I have also tried creating everything with the GUI and get the same result.
Thanks all
Matt
Hi,
I would start in the SSL VPN settings by setting Listen on Interface to the correct one w/ public IP and DNS.
Then:
- Recommended to increase remoteauthtimeout under config system global to 60 or 120
- Under the config user saml that you configured, please append a / at the end of the URLs, except for the ones ending in saml2
Here is a tutorial that should do the trick.
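A small linter for the checks suggested in the reply above (a trailing slash on the `config user saml` URLs except those ending in `saml2`, and `remoteauthtimeout` of at least 60), plus a check for typographic quotes that copy-paste can introduce. This is an added example, not part of the original posts or any Fortinet tooling; the host name, tenant placeholder, sample config and function names are constructed for illustration, and the parser flattens all `set` lines rather than tracking config blocks.

```python
import re

# URL settings in "config user saml" that the reply's trailing-slash rule covers.
URL_KEYS = {"entity-id", "single-sign-on-url", "single-logout-url",
            "idp-entity-id", "idp-single-sign-on-url", "idp-single-logout-url"}
SMART_QUOTES = "\u201c\u201d\u2018\u2019"

# Constructed sample config (not from the thread); \u201d is a curly closing quote.
SAMPLE = '''config system global
    set remoteauthtimeout 5
end
config user saml
    edit "azure"
        set entity-id "https://vpn.example.com/remote/saml/metadata\u201d
        set single-sign-on-url "https://vpn.example.com/remote/saml/login/"
        set single-logout-url "https://vpn.example.com/remote/saml/logout"
        set idp-entity-id "https://sts.windows.net/TENANT-ID/"
        set idp-single-sign-on-url "https://login.microsoftonline.com/TENANT-ID/saml2"
    next
end
'''

def parse_set_lines(config_text):
    """Return {key: raw_value} for every 'set <key> <value>' line (flattened)."""
    settings = {}
    for line in config_text.splitlines():
        m = re.match(r"\s*set\s+(\S+)\s+(.*\S)\s*$", line)
        if m:
            settings[m.group(1)] = m.group(2)
    return settings

def lint_saml(config_text, min_timeout=60):
    """List deviations from the reply's suggestions, in config order."""
    findings = []
    settings = parse_set_lines(config_text)
    for key, raw in settings.items():
        if any(q in raw for q in SMART_QUOTES):
            findings.append(f"{key}: typographic quote in value")
        if key in URL_KEYS:
            url = raw.strip('"' + SMART_QUOTES)
            if not url.endswith("saml2") and not url.endswith("/"):
                findings.append(f"{key}: no trailing slash")
    timeout = settings.get("remoteauthtimeout")
    if timeout is None or int(timeout.strip('"')) < min_timeout:
        findings.append(f"remoteauthtimeout: below {min_timeout} or not set")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_saml(SAMPLE)))
```

Whatever form the URLs take on the FortiGate, compare them character for character with the Identifier, Reply URL and Logout URL entered in the Azure enterprise application.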