Hi All! We have a significant number of InTune joined devices that
authenticate against Azure Active Directory (AAD). We need to work out a
way of authenticating to these clients to the Fortigate. We have
connected the FG to AAD for the VPN with grou...
Hi everyone. What I want to do is access some resources across the IPSEC
vpn terminated on the fortigate via the SSL Portal on that same
fortigate. I can't ping the resources from that fortigate and I think
it's to do with the originating address and...
Hi there, Got an oddity. 7.0.0 works fine, but when I install 7.0.1 or
7.0.2 (VPN client) it connects and seems to be working. There is even
traffic passing the rules on the FG. But the remote client fails. Roll
back to 7.0.0 and it's fine. Any ideas...
We are going to be joining a lot of our devices to InTune. I wonder
whether anyone has any hints on getting details of the logged in user
from these devices to be used by the Fortigate. Particularly in a
'shared device scenario' - we have cabinets fu...
Hi there, Am I imagining it or can RSSO be a little intermittent? I'm in
a very busy site but a small proportion of my users are not showing with
RSSO group filled. No particular reason so far as I can see. It's
picking up the usernames but not the g...
What I'm seeking to do is the same as the seamless nature of a login to
a AD joined device that is authenticated to FSSO. The idea being that
the user logs into their AAD account on the intuned device, then FG
authenticates them based on that. At pre...
If you have an outline of your setup then perhaps that would extend the
conversation?What we're talking about is InTune only setup, no hybrid
joins to local AD etc.Without substantial additional infrastructure it
appears that your only option is a we...
Hi Debbie, So is there an ability to set a self-originating traffic
address for the SSL VPN Portal?Like I mentioned, I used to use an IP
Pool on the traffic rule and it seemed to work - but now it
stopped!CheersJon
No problem Debbie I have a strong feeling that this is to do with
self-originating traffic and IPSEC interface IP addresses and will try
and pursue that :) This is a capture of a ping from the firewall across
the VPN: You can see the IP address is pa...