12/20/2023 0 Comments Fortigate 2faUnfortunately our customer has tried to use the SMS and passcode (MS Authenticator App) methods and reported it didn't work. This works exactly how we want when using Push Notification or Phone Call 2FA methods (via Microsoft Authenticator App). This was achieved using Network Access Policies on the NPS server. We followed the following Cookbook document to successfully implement this:įor the existing network access based on AD user group membership to work, the NPS server (RADIUS) had to send RADIUS attributes for group membership back to the FortiGate with the Access-Accept. Our customer now wants to integrate the existing SSL VPN to with their Azure MFA for 2-factor authentication. Our customer subsequently moved their AD into Azure cloud and introduced Azure MFA. I'm hoping someone will be able to advise me on a work around, or an alternative solution, to avoid the following limitations with Microsoft NPS Extension for Azure MFA (without having to implement a completely different solution!):įor context, our customer originally had a FortiClient to FortiGate SSL VPN that utilized LDAP authentication, allowing different levels of network access depending on AD user group membership.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |