cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
249
Views
0
Helpful
1
Replies

Fortigate vpn integration with duo

Vishal6
Level 3
Level 3

Hi All,

Need Fortinet’s SAML integration with Duo as an identity provider, using Azure AD as the directory source. Do i require authentication proxy to install in AD source ?. Im folllowing below article to do the configuration.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-SSL-VPN-with-DUO-as-SAML-IdP-using-Azure-AD-as/ta-p/230378

1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

Duo SSO has three ways to authenticate your users:

1. Duo as the identity store (FortiGate > Duo SSO > Duo verifies primary creds for users directly in Duo without connecting to another directory).

2. Active Directory as the identity store (FortiGate > Duo SSO > Duo Authentication Proxy (LDAP) > Active Directory > AD DC verifies primary creds).

3. Entra ID (Azure AD) as the identity store (FortiGate > Duo SSO > Entra ID (SAML) > Entra ID verifies primary creds).

Only #2 needs you to install Duo Authentication Proxy.

Have you read through https://duo.com/docs/sso#external-authentication-sources? It explains external authentication options for Duo SSO.

Duo, not DUO.
Quick Links