Fortinet SSL VPN Duo Push only works if the Duo User already authenticated

We are setting up some of our Active Directory (AD) users to authenticate using Duo only as part of their remote access. However, if the user has not authenticated using Duo’s Windows RDP authentication, they the attempt to authenticate via Fortinet SSL VPN appears to be work at all.

Hi @DES, thanks for sharing your question with us. I noticed you had a support case open about this issue, and it looks as though you received the answer you needed. I just wanted to share it here with the community as well in case it helps someone else with a similar question.

I understand you are rolling out Duo to your remote users, and new SSL VPN users who have not authenticated before via Windows Logon and RDP are not receiving an authentication request when logging into the VPN. Windows RDP and Fortinet SSL VPN are two different integrations, so the new VPN users don’t need to authenticate through Windows RDP. However, these users need to be enrolled before accessing the VPN. Please ensure that these users are imported from Active Directory and complete Duo Mobile activation.