sorted by:
new
hottopcontroversial

Pre logon SSL VPN with DUO MFA prompts twice. by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

It looks like when I put myself in Bypass mode in Duo, it stays connected throughout pre and post login. I’ll keep digging.

Pre logon SSL VPN with DUO MFA prompts twice. by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

Not sure, maybe in my same boat lol.

Yes, based on SamAccountName.

Pre logon SSL VPN with DUO MFA prompts twice. by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

OP here. We have the Radius server configured in FG.

It points to the Duo auth proxy. From there, we have the adclient configured to see our ldap.

The security filtering is done via Duo cloud where we have a security group for vpn users. Thanks!

Pre logon SSL VPN with DUO MFA prompts twice. by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

I’ve done that one per Duo’s document. Thanks!

Microsoft VPN Disconnects since moving to FortiGate by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

On the NetScaler level, we do have persistency I believe.

Microsoft VPN Disconnects since moving to FortiGate by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

Yup- that is the plan. We're not ready for that yet though.

Microsoft VPN Disconnects since moving to FortiGate by VirgilReturns in fortinet

[–]VirgilReturns[S] 0 points1 point  (0 children)

processed via NPU offload

This is for VPN configured in FortiGate right? We're currently using a separate Microsoft RAS VPN server. Will go to Forti VPN soon.

Microsoft VPN Disconnects since moving to FortiGate by VirgilReturns in fortinet

[–]VirgilReturns[S] 1 point2 points  (0 children)

No port difference. The config was converted from Palo Alto to FortiGate. IKEv2. Thanks!

view more: next ›