Versions Compared

Old Version 4

changes.mady.by.user Paul Ruvin

Saved on

compared with

New Version 5

changes.mady.by.user Paul Ruvin

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Configuring the Security Fabric with SAML:Here we assume you have already set the appropriate Fabric Connector configurations.  This guide will only explain how to configure the SP and IDP settings.

Section
bordertrue


Column

Log in to the root FortiGate.


Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.



Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px




...

Section
bordertrue


Column

In the Topology tree, hover over a FortiGate and click Configure.Fabric Connector Edit screen go down to where it says SAL Single Sign-On and click Advance Options



Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image RemovedImage Added




Section
bordertrue


Column

In the SAML SSO Window Specify the SP address.  This is essentially the URL or the IP address of the Fortinet UI you wish to log onto.


Expand SP details


Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Added  




Log back in. to the DualShield Admin Console



Section
bordertrue


Column

Go to SSO>Service ProvidersClick Ok in the configure window


Column
width50%


Image Removed  
Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Added



Click on Image Added on the top right.


Section
bordertrue


Column

Once installed the Certificate needs to be exported

Export it as a Base-64 encoded X.509 (.CER)Fill in the details as per screenshot on right and make sure you select SAML 2.0(Without Metadata) as Type.


Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Removed Image Removed

...

Image Added





Section
bordertrue


Column

Copy and Paste the Entity ID, ACS and Logout URL  from the SP details on the Fortinet UI (see above)



Column
width50%


Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Added




Section
bordertrue


Column

Upload the exported CER file.The completed Service Provider dialogue box will look like this:


Column
width50%


Image Removed
Panel
borderColor#9EBEE5
bgColor#f0f0f0
borderWidth1px

Image Added



Click Save.