- Once the user tries to connect to the SSL VPN web portal, FortiGate will redirect the user to FortiAuthenticator.
Please note that SAML does not work with the tunnel mode for SSL VPN.
- The FortiAuthenticator will act as a SAML proxy and forward the request to Azure for authentication.
- After entering their credentials, if the user has a token assigned they will be requested to enter it for two factor authentication.
- The user is now connected to the SSL VPN.