Connor_Johnson

How to properly configure multiple SSO connections with a FortiGate

We have an HA pair of FortiGate 500Es. They are running 7.0.5.

I have successfully configured SSO for our Split Tunnel portal and it is working. FortiClient successfully takes us to the identity provider, which is JumpCloud, and allows me to connect with the Split Tunnel access.

But we also have users that we want to use the Tunnel All portal. I have configured it the same way I did the Split Tunnel, but I think I need to somehow specify which one the user needs to connect to. And I am not sure how to specify that. Does anyone have any ideas here?

Network Administrator
bpozdena_FTNT

You could technically configure authentication rules and match portals based on groups in the SAML response. But it can get very complex and difficult to troubleshoot.

My recommendation is to create separate SSL VPN realms for your split and full portals. You can find a detailed guide here. The example uses Azure as SAML IdP, but the FortiGate and FortiClient configuration will be essentially the same.

HTH,
Boris
Connor_Johnson

Realms is exactly what I was looking for. Thank you!

Network Administrator