- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
forticlient with microsoft authenticator otp
Good Morning,
If I have an active directory user with microsoft authenticator otp configured, is it possible to login in forticlient using otp?
Thank you in advance.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
You are talking about using Microsoft Authenticator to give you the 6-digit 2-factor auth key to login to a VPN using FortiClient, right? If so, no I dont think this is possible. Last time I tried this it let me setup Authenticator with my VPN account but the generated codes were not correct. It is like it uses a similar but slightly-different algorithm that is incompatible with Fortinet's 2FA.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm trying to make duo work.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
If you figure out how to configure Duo to work with the FortiVPN, please update this thread. I've had no luck getting it to work.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Duo can work with fortigate.
Just follow the duo guide, then add the radius group to a sslvpn portal/tunnel.
Be aware that if you want to limit the traffic of a single user, using duo you can't, but you can limit the traffic of all the duo radius users.
I would suggest fortitoken if you find yourself with this specific issue.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Microsoft has Azure Multi-Factor Authentication Server which can serve as RADIUS server
https://docs.microsoft.com/en-us/azure/active-directory/authentication/howto-mfaserver-dir-radius
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Microsoft has Azure Multi-Factor Authentication Server which can serve as RADIUS server
That is true. However, that is the backend process. The goal here is to replace/merge the various user-facing Authenticators, instead of having two or more to sort through.
