I have a issue I hope someone here can assist me with!
My customer uses FortiClientVPN on +40 Windows clients, using SSO/SAML to connect to a FortiGate 1500D through O365 Azure - and it works flawlessly. 1500D firmware is v6.4.7,build1911,210825 (GA).
The customer has a number of Apple iPads, where I have been trying to get the FortiClient VPN app to work. But when connecting the logon page to O365 is just blank, it never loads the webpage. The settings are exactly the same as the Windows clients. I have tried with iOS devices that run version 15.2.1 and 12.5.5. There result is also the same if I use a trial for the "FortiClient" paid app.
I thought maybe it's a browser issue, so I tried changing the default browser on the iOS devices to both Chrome and Firefox, but nothing changed. I'm not sure if the FortiVPN app even registers the change.
See the screenshot below showing what I mean with the "blank page".
I think we figured it out, at least for our situation. This particular user was using the instructions given for the windows client. For the windows client, you can include the port in the HOST URL line, so something like: https://hostname.domain.com:8443 (we use a different port than the default). The windows client figures out that you're supplying the port and it knows what to do with it. The iOS client does NOT, so it wasn't working correctly. Once we stripped it off the URL and entered it into the PORT field it worked for us. I hope this helps.
I didn't notice this because I was trying to trouble-shoot over the phone. Once we could see it in person it all fell into place.
Firmware is v6.4.7,build1911,210825 (GA) on a 1500D.
I'm afraid I don't have the right permissions to update it to 7.xx, and the people responsible says it probably will be +12 months before they do.
I have a different FortiGate 60E with fw version 7.0.5 though. I'm going to test with that one instead later, but it's going to take some time before I have the time and capacity to set it up and test. Will report back when I have tried it out.
We are having the same issue as jespera. It looks like it only occurs if you use realms. We are on a 600D and have many users trying to use SAML via iOS unsuccessfully. We thought that the FortiClient 7.0.3 would fix this, but it does not. We also noticed in the 6.4.9 firmware that BUG ID 695386 should fix SAML login failure for users who belong to multiple groups associated with multiple VPN realms. However, we are still facing the same issue.
Unfortunately, we cannot upgrade our 600D to the 7.0.X firmware, so i'm not sure where that leaves us. Getting the FortiClient team to update the software for this fix has been frustrating.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.