About s3

s3 · 03-29-2024

We have a usecase where we would like to split authentication and authorization. So a user would login to VPN via SAML which would return their email/username. I would then like to lookup their groups from our local AD which would be used in firewall...

s3 · 02-07-2022

The network we manage currently only has users connecting remotely via SSL VPN with authentication via LDAP back to Active Directory. This allows all group memberships to be fetched and used in firewall rules.Each user might be a member of several gr...

s3 · 04-01-2024

Unfortunately we don't have FortiAuthenticator just the FGT.Problem is our SAML provider doesn't provide all the user's groups unfortunately.

s3 · 02-11-2022

I don't currently use FSSO but I will give it a test to see if it will work.Thanks for the help.

s3 · 02-08-2022

Unfortunately the machines are not domain joined. Does this rule out FSSO? Or would it detect the user logging in to the wifi via radius?

User Statistics

User Activity

Separate authentication and authorization

Single firewall policy for VPN/Wifi

Re: Separate authentication and authorization

Re: Single firewall policy for VPN/Wifi

Re: Single firewall policy for VPN/Wifi