Duo, Fortinet IPSEC 2FA


#1

We currently use Duo for our SSL VPN 2FA with the Forticlient but we have several users that use the Forticlient/Fortinet IPSEC so they can use Shoretel phone system remotely. Does anyone have any ideas on how to setup Duo with Fortinet IPSEC? I know there are tutorials for CISCO just trying to get some guideance for Fortinet.

Thank you for all your help!
Donna


#2

Hi Donna,

Are you asking for help with the Duo configuration, or with the Fortinet steps?

You can use the same Authentication Proxy RADIUS configuration with [radius_server_auto] described here with IPSec connections.

Then in the Fortigate you should be able to specify that Duo server as the RADIUS server for remote IPSec users.

I haven’t set up Fortigate IPSec myself but feel free to come back with more questions.