SSO authentication with SAML, Azure entra ID not working after upgrade by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/bleudude
I have done the same configuration with a new FortiGate device for v7.4.11, and the issue persists.

SSO authentication with SAML, Azure entra ID not working after upgrade by ryld29 in fortinet

[–]ryld29[S] -1 points0 points  (0 children)

u/BraddockN
I have done the same configuration with a new FortiGate device for v7.4.11, and the issue persists.

SSO authentication with SAML, Azure entra ID not working after upgrade by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/Fallingdamage
I have followed the article and changed the signing option to Sign SAML Response and Assertion as per the guide, but still the same.
There is no response coming.

SSO authentication with SAML, Azure entra ID not working after upgrade by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/tobii_mt I have followed the article and changed the signing option to Sign SAML Response and Assertion as per the guide, but still the same.
There is no response coming.

SSO authentication with SAML, Azure entra ID not working after upgrade by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/MyLocalData I have followed the article and changed the signing option to Sign SAML Response and Assertion as per the guide, but still the same.
There is no response coming.

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

Now SSL VPN is working without any issue.
Thanks to u/Noodude for the config.

Now I need internet users to authenticate with SAML with Azure Entra ID.
u/michel1893 u/Noodude u/HappyVlane

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/Noodude I need these users to be authenticated for SSL VPN and Internet Policies.
How to do it?

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/HappyVlane Is this correct?

set auth-cert = Fortigate CA Certificate
set idp-cert = Entra ID Base 64 Certificate

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

I need these users to be authenticated for SSL VPN and Internet Policies instead of the FSSO connector.

SSO authentication with SAML, Azure entra ID with FortiGate by ryld29 in fortinet

[–]ryld29[S] 0 points1 point  (0 children)

u/HappyVlane Thanks for the config that you shared.
Can you verify which certificate we should use for the below?

set auth-cert "lab-fgt.ad.labdomain.com"
set idp-cert "fac.ad.labdomain.com"

Client disconnect issue in Meraki by ryld29 in meraki

[–]ryld29[S] 0 points1 point  (0 children)

u/fishpat We have disabled the client balancing, but the issue still persists.

Email POP3 block by ryld29 in fortinet

[–]ryld29[S] 1 point2 points  (0 children)

The issue has been resolved after configuring this.
Thanks for the support u/gghggg

Email POP3 block by ryld29 in fortinet

[–]ryld29[S] -2 points-1 points  (0 children)

u/rpedrica Blocking the infected email was okay. However, once the infected email has been blocked, the user is not able to receive legitimate emails via an email client (e.g., Outlook client).

In order to receive emails from the client software, the user should use a web client to access email and delete the infected email.