Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
273
Views
0
Helpful
1
Replies

Fortinet VPN configuring Duo for multiple tenants

mhoude
Level 1
Level 1

‎11-27-2023 02:31 PM

Hi,

We have a Fortigate unit where the VPN users are splitted between two Azure tenants.  We can configure the MFA using this procedure: Technical Tip: SSL VPN with SAML authentication wi... - Fortinet Community.

However we are looking to buy Duo licenses and are wondering if it supports such scenario ?

Thanks

Labels:
0 Helpful
1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

‎11-28-2023 09:29 AM

It seems like the configuration is all on the Fortigate and which SAML IdP you use with it is immaterial.

The only thing though is that this named Fortigate Duo SSO application https://duo.com/docs/sso-fortinet-fortigate doesn't support sending group info in the SAML assertion.

This Fortigate article, which describes SAML SSO using a Duo SSO Generic SAML application, does include group mapping, which is also mentioned in the article you linked. https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-configure-SAML-SSL-VPN-using-DUO-as-the/ta-p/217433

I don't know how you plan to buy Duo licenses, if direct from duo.com or via a Cisco reseller, but you can always sign up for a free 30-day Duo trial at https://signup.duo.com/ to test this config before you buy.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents