Good Morning,
If I have an active directory user with microsoft authenticator otp configured, is it possible to login in forticlient using otp?
Thank you in advance.
You are talking about using Microsoft Authenticator to give you the 6-digit 2-factor auth key to login to a VPN using FortiClient, right? If so, no I dont think this is possible. Last time I tried this it let me setup Authenticator with my VPN account but the generated codes were not correct. It is like it uses a similar but slightly-different algorithm that is incompatible with Fortinet's 2FA.
I'm trying to make duo work.
If you figure out how to configure Duo to work with the FortiVPN, please update this thread. I've had no luck getting it to work.
Duo can work with fortigate.
Just follow the duo guide, then add the radius group to a sslvpn portal/tunnel.
Be aware that if you want to limit the traffic of a single user, using duo you can't, but you can limit the traffic of all the duo radius users.
I would suggest fortitoken if you find yourself with this specific issue.
Microsoft has Azure Multi-Factor Authentication Server which can serve as RADIUS server
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-dir-radius
Microsoft has Azure Multi-Factor Authentication Server which can serve as RADIUS server
That is true. However, that is the backend process. The goal here is to replace/merge the various user-facing Authenticators, instead of having two or more to sort through.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.