Trying to get Google Workspace to work with SSLVPN for SSO and tie login to the department attribute

EasyDoesIT · ‎04-30-2024

Trying to get Google Workspace to work with SSLVPN for SSO and tie login to the department attribute.

We want to give users different access to network resources when they connect to SSLVPN via SSO with Google Workspace.
Depending on their department they will get a different firewall policy and hence different access into the network.

We are successful at the Google Workspace integration using the "Any" option and they can login ok with SSO. However, if we use the Group option, they can't login.

Anthony_E · ‎05-02-2024

Hello EasyDoesIT,

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.

Thanks,

Anthony-Fortinet Community Team.

Anthony_E · ‎05-06-2024

Hello,

We are still looking for someone to help you.

We will come back to you ASAP.

Regards,

Anthony-Fortinet Community Team.

Anthony_E · ‎05-10-2024

Hello,

I found this KB article which can be helpful:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Fortinet-SSL-VPN-with-G-Suite-MFA-using-SA...

Could you please tell me if it provides the answer requested?

If not, we will continue to look for a solution.

Regards,

Anthony-Fortinet Community Team.

smayank · ‎05-10-2024

Hello

Please refer below link to verify it from debug logs

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-SAML-group-mismatch-issue-in-SSL-VPN...

Thanks & Regards
Mayank Sharma