Could anyone help me configure on Forti 100F SSL VPN (only tunnel mode) with authentication on Windows 2012 R2 NPS and e-mail based 2FA? I already connected FGT with Windows Server, created NPS policy, created VPN-Users group with couple users inside. But what next, how to configure e-mail 2FA for radius users that are on Windows server?
I can successfully authenticate using radius NPS and connect using SSL VPN, but I do not have additional box with e-mail token to enter (I use latest forticlient vpn). I would rather to use SSL VPN as this have additional host-checks, standard IPSEC VPN do not have such features.
why there is so weak support on this forum[&:] ?
I've done this, corresponding local user as radius user needs to be created, then assigned to local group, and then in firewall policy as source this group should be choosen.
Are you using the Azure NPS connector or NPS directly on-site?
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.