Fortinet Document Library

Version:

Version:


Table of Contents

Cookbook

Download PDF
Copy Link

FortiGate SSL VPN with FortiAuthenticator as the IdP proxy for Azure

This example configuration allows FortiAuthenticator to act as the IdP proxy for Azure authentication to a FortiGate SSL VPN connection. This allows authentication of SSL VPN users against an Azure IdP using two factor authentication with FortiToken by inserting FortiAuthenticator into the authentication flow.

This configuration uses the following topology:

To configure FortiAuthenticator as the IdP proxy for Azure:
  1. Configuring Azure
  2. Configuring FortiAuthenticator
  3. Configuring FortiGate
  4. Results

You need Azure Active Directory Premium P1 or P2 to perform group-based assignments to an Enterprise App. Azure AD Free tier only supports user-based assignments.

FortiGate SSL VPN with FortiAuthenticator as the IdP proxy for Azure

This example configuration allows FortiAuthenticator to act as the IdP proxy for Azure authentication to a FortiGate SSL VPN connection. This allows authentication of SSL VPN users against an Azure IdP using two factor authentication with FortiToken by inserting FortiAuthenticator into the authentication flow.

This configuration uses the following topology:

To configure FortiAuthenticator as the IdP proxy for Azure:
  1. Configuring Azure
  2. Configuring FortiAuthenticator
  3. Configuring FortiGate
  4. Results

You need Azure Active Directory Premium P1 or P2 to perform group-based assignments to an Enterprise App. Azure AD Free tier only supports user-based assignments.