Here we assume you have already set the appropriate Fabric Connector configurations. This guide will only explain how to configure the SAML SP and IDP settings.
| Section |
|---|
|
| Column |
|---|
Log in to the root FortiGate.
Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.
|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
| 
|
|
|
...
| Section |
|---|
|
| Column |
|---|
In the Fabric Connector Edit screen go down to where it says SAL SAML Single Sign-On and click Advance Options
|
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
| 
|
|
|
...
| Section |
|---|
|
| Column |
|---|
In the SAML SSO Window Specify the SP address. This is essentially the URL or the IP address of the Fortinet UI you wish to log onto.
Expand SP details |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
| 
|
|
|
Log back in. to the DualShield Admin Console
...
| Column |
|---|
Go to SSO>Service Providers |
...
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
 Image Removed
|
Click on 
Image Removed on the top right.
| Section |
|---|
|
| Column |
|---|
Fill in the details as per screenshot on right and make sure you select SAML 2.0(Without Metadata) as Type. |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
 Image Removed
|
| Section |
|---|
|
|
| Section |
|---|
|
| Column |
|---|
Go to SSO>SSO Servers |
| Column |
|---|
|
Image Removed| Section |
|---|
|
| Column |
|---|
Select the drop down menu corresponding to the SSO server you will be using and click on Download IDP Metadata. |
| Column |
|---|
| | Copy and Paste the Entity ID, ACS and Logout URL from the SP details on the Fortinet UI (see above) | | Column |
|---|
| | Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|  Image Removed
|
|
| Section |
|---|
|
| Column |
|---|
The completed Service Provider dialogue box will look like this: |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
 Image Removed
|
| Section |
|---|
|
| Column |
|---|
Click on Attributes at the top |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
 Image Removed
|
| Section |
|---|
|
| Column |
|---|
Select the drop down menu corresponding to the SSO server you will be using and click on Download IDP Metadata. |
| Column |
|---|
|
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
|
 Image Removed
|
Download the IDP Metadata file.
| Panel |
|---|
| borderColor | #9EBEE5 |
|---|
| bgColor | #f0f0f0 |
|---|
| borderWidth | 1px |
|---|
| Image Removed |
|
|