View Source

Here we assume you have already set the appropriate Fabric Connector configurations. This guide will only explain how to configure the SP and IDP settings.

Log in to the root FortiGate.

Go to Security Fabric > Fabric Connectors and double-click the Security Fabric Setup card.

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW11.png

In the Fabric Connector Edit screen go down to where it says SAL Single Sign-On and click Advance Options

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW14.png

In the SAML SSO Window Specify the SP address. This is essentially the URL or the IP address of the Fortinet UI you wish to log onto.

Expand SP details

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW15.png

Log back in. to the DualShield Admin Console

Go to SSO>Service Providers

DualShield MFA Platform > Configure FortiGate for SAML Authentication > Ctera19.png

Click on on the top right.

Fill in the details as per screenshot on right and make sure you select SAML 2.0(Without Metadata) as Type.

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW16.png

Copy and Paste the Entity ID, ACS and Logout URL from the SP details on the Fortinet UI (see above)

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW17.png

The completed Service Provider dialogue box will look like this:

DualShield MFA Platform > Configure FortiGate for SAML Authentication > FortinetFW18.png

Click Save.