Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
DTS1
New Contributor

SAML before Login with Forticlient 7.0.7

Hello All,

 

Hope all good!

I have a question, if someone already configured SAML before Login.

Basically, SAML Forticlient works with Azure at our environment and VPN Before Login with the same Forticlient version works. My issue is now, that I want to have VPN Before Login, but with the SAML. I set up everything basically what is needed on the EMS, the Forti and on the Forticlient, but it stil ldoesn't work.

On my Windows Test MAchine it says: Unable to connect to VPN and it leads me back to the login.

 

Thanks for your help!

8 REPLIES 8
kiri
Staff
Staff

Hi there,

 

So you're trying to integrate SAML with SSLVPN, right?

 

https://learn.microsoft.com/en-us/azure/active-directory/saas-apps/fortigate-ssl-vpn-tutorial

What guide have you followed, can you share it with me?

DTS1
New Contributor

Hi There,

 

No I got SAML with SSLVPN already working, when I am logged in. But my question is about SBL (SAML before Login), so like the feature VPN before login. We have FC 7.0.7 and we have EMS, so paid for the VPN before Login Option. Without SAML, VPN befoe login works, without issues. But when I configure SAML and want to user VPN Before Login, that doesn't work.

 

Thanks for your help!

kiri
Staff
Staff

I'll check that for you and come back.

Jan-Ora
New Contributor

Any news in this case?

btan
Staff
Staff

Hello,


As of now, SAML VPN before logon feature is not supported, which is why you don't see SAML listed here in https://docs.fortinet.com/document/forticlient/7.2.0/administration-guide/479513/activating-vpn-befo...


This feature is being raised as a NFR (New Feature Request), but there is no ETA yet.
If you have a Fortinet Partner, Sales Engineer or Point of Contact, you can keep track of the status with ID 747594.

 

Regards,
Bon
JamesCnAustin

Any new updates on this?
Does anyone know if AUTOCONNECT, if turned on using the Endpoint profile, will connect user before logon?

btan

SAML VPN before logon is still work-in-progress.

You need additional config with AUTOCONNECT to setup 'VPN before logon'
To setup VPN before logon, refer:
https://docs.fortinet.com/document/forticlient/7.2.1/administration-guide/505235/appendix-f-ssl-vpn-...

Regards,
Bon
kanes39
New Contributor III

Hi btan,

Do you know when this will be out or on which version?

Regards,

Labels
Top Kudoed Authors