Duo, Fortinet IPSEC 2FA


We currently use Duo for our SSL VPN 2FA with the Forticlient but we have several users that use the Forticlient/Fortinet IPSEC so they can use Shoretel phone system remotely. Does anyone have any ideas on how to setup Duo with Fortinet IPSEC? I know there are tutorials for CISCO just trying to get some guideance for Fortinet.

Thank you for all your help!


Hi Donna,

Are you asking for help with the Duo configuration, or with the Fortinet steps?

You can use the same Authentication Proxy RADIUS configuration with [radius_server_auto] described here with IPSec connections.

Then in the Fortigate you should be able to specify that Duo server as the RADIUS server for remote IPSec users.

I haven’t set up Fortigate IPSec myself but feel free to come back with more questions.