
Navigate to Users & Authentication > Single Sign-On and click Create. Log in to your Fortinet VPN web interface as an Admin. Step 3: Enable SAML in the Fortinet web interface

Click Add to map the usernname attribute from your source directory to the Fortinet VPN app.In the Service Provider Configuration section, enter the following values: Element Go to the Trust tab in the application paneįrom the Identity Provider Configuration > Manual Configuration section, download the signing certificate. Step 2: Configure the Fortinet VPN app for SSO Confirm that you want to add the application.Ĭlose the app catalog window to go to the Fortinet app configuration page. In the app catalog window, search for the Fortinet VPN app and select Add. Go to Admin Portal > Apps > Web Apps and select Add Web Apps Step 1: Add the Fortinet VPN app to the Identity Administration portal This sections describes how to configure SSO in the web interface. You have created a FortiGate admin and users for SSOĬonfigure CyberArk Identity SSO for Fortinet VPN You can configure the following SSO methods: MethodĬonfigure SSO to enable your users to connect through Fortinet VPN client software.īefore you begin, make sure you have the following prerequisites:įortiClient or FortiClient VPN 6.4.0 or laterĪccess to the CyberArk Identity Admin PortalĪccess to the FortiGate admin console or CLIīefore you configure the FortiGate SSL VPN web interface for SSO, make sure you have the following:įortiGate Domain. This enables you to inherit your existing Adaptive SSO and MFA for strong security. This topic describes how to connect your SSL-VPN Fortinet solution to CyberArk Identity using SAML. FortiGate-Destination show vpn ipsec phase2-interface config vpn ipsec phase2-interface edit 'ToSource' set phase1name 'ToSource' set proposal aes128gcm set dhgrp 21 set keepalive enable set keylifeseconds 28800 End ZorksNET 8 mo.
