I am trying to get an IPsec dialup VPN accessible from two interfaces WAN
and LAN3. Currently the IPsec VPN listens on WAN and that works well. I
have added a virtual ip on the LAN3 interface mapping from the public IP
to WAN IP and created a firewall...
I have implemented IPsec with SAML on a FortiGate and can connect fine
to it from some machines but other machines are incredibly unstable. The
FortiClient (VPN only 7.4.3) will connect, the application will be
unresponsive for a few seconds and then...
We have a use case where we would like to split authentication and
authorization. So a user would log in to VPN via SAML which would return
their email/username. I would then like to look up their groups from our
local AD which would be used in firewall...
The network we manage currently only has users connecting remotely via
SSL VPN with authentication via LDAP back to Active Directory. This
allows all group memberships to be fetched and used in firewall
rules. Each user might be a member of several gr...