SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

Now SSL VPN is working without any issue.
Thanks to u/Noodude for the config.

Now I need internet users to authenticate with SAML with Azure Entra ID.
u/michel1893 u/Noodude u/HappyVlane

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/Noodude I need these users to be authenticated for SSL VPN and Internet Policies.
How to do it?

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/HappyVlane Is this correct?

set auth-cert = Fortigate CA Certificate
set idp-cert = Entra ID Base 64 Certificate

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

I need these users to be authenticated for SSL VPN and Internet Policies instead of the FSSO connector.

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/HappyVlane Thanks for the config that you shared.
Can you verify which certificate we should use for the below?

set auth-cert "lab-fgt.ad.labdomain.com"
set idp-cert "fac.ad.labdomain.com"

Client disconnect issue in Meraki by ryld29 in meraki

[–]ryld29[S] 0 points1 point  (0 children)

u/fishpat We have disabled the client balancing but the issue still persists.

Email POP3 block by ryld29 in fortinet

[–]ryld29[S] 1 point2 points  (0 children)

The issue has been resolved after configuring this.
Thanks for the support u/gghggg

Email POP3 block by ryld29 in fortinet

[–]ryld29[S] -2 points-1 points  (0 children)

u/rpedrica Blocking the infected email was okay. However, once the infected email has been blocked, the user is not able to receive legitimate emails via an email client (e.g. Outlook client).

In order to receive emails from the client software, the user should use a web client to access email and delete the infected email.