You are leaving our website

s3 · 05-29-2025

I am trying to get a IPsec dialup VPN accessible from two interfaces WAN and LAN3. Currently the IPSec VPN listens on WAN and that works well. I have added a virtual ip on the LAN3 interface mapping from the public IP to WAN IP and created a firewall...

s3 · 04-10-2025

I have implemented IPsec with SAML on a fortigate and can connect fine to it from some machines but other machines are incredibly unstable. The forticlient (vpn only 7.4.3) will connect, the application will be unresponsive for a few seconds and then...

s3 · 03-29-2024

We have a usecase where we would like to split authentication and authorization. So a user would login to VPN via SAML which would return their email/username. I would then like to lookup their groups from our local AD which would be used in firewall...

s3 · 02-07-2022

The network we manage currently only has users connecting remotely via SSL VPN with authentication via LDAP back to Active Directory. This allows all group memberships to be fetched and used in firewall rules.Each user might be a member of several gr...

s3 · 04-17-2025

Thanks initial test v7.2.9 seems more stable.

s3 · 04-01-2024

Unfortunately we don't have FortiAuthenticator just the FGT.Problem is our SAML provider doesn't provide all the user's groups unfortunately.

s3 · 02-11-2022

I don't currently use FSSO but I will give it a test to see if it will work.Thanks for the help.

s3 · 02-08-2022

Unfortunately the machines are not domain joined. Does this rule out FSSO? Or would it detect the user logging in to the wifi via radius?

User Statistics

User Activity

IPsec dial up VPN using virtual ip

IPsec with SAML - stablity

Separate authentication and authorization

Single firewall policy for VPN/Wifi

Re: IPsec with SAML - stablity

Re: Separate authentication and authorization

Re: Single firewall policy for VPN/Wifi

Re: Single firewall policy for VPN/Wifi