Multi-Factor Authentication (MFA) for Fortinet Fortigate VPN via RADIUS

<!DOCTYPE HTML> <html lang="en"> <head> <meta charset="UTF-8"> <title>Multi-Factor Authentication (MFA) for Fortinet Fortigate VPN via RADIUS</title> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta name="description" content="Fortigate VPN MFA Solution adds multi-factor authentication to FortiClient VPN by acting as a RADIUS server, enhancing remote access security." /> <meta property="og:title" content="MFA for Fortinet Fortigate VPN via RADIUS." /> <meta property="og:type" content="article" /> <meta property="og:url" content="https://www.miniorange.com/iam/integrations/fortinet-multi-factor-authentication-mfa" /> <meta property="og:image" content="https://www.miniorange.com" /> <meta property="og:description" content="Fortinet FortiGate VPN MFA Solution adds multi-factor authentication to FortiClient VPN by acting as a RADIUS server, enhancing remote access security." /> <meta name="twitter:card" content="summary" /> <meta name="twitter:title" content="MFA for Fortinet Fortigate VPN via RADIUS." /> <meta name="twitter:description" content="Fortinet FortiGate VPN MFA Solution adds multi-factor authentication to FortiClient VPN by acting as a RADIUS server, enhancing remote access security." /> <meta name="twitter:image" content="https://www.miniorange.com" /> <meta name="twitter:url" content="https://www.miniorange.com/iam/integrations/fortinet-multi-factor-authentication-mfa"> <link rel="canonical" href="https://www.miniorange.com/iam/integrations/fortinet-multi-factor-authentication-mfa" /> <meta name="DC.title" content="miniOrange Identity and Access Management" /> <meta name="geo.region" content="US-CA" /> <meta name="geo.placename" content="San Jose" /> <meta name="geo.position" content="37.279518;-121.867905" /> <meta name="ICBM" content="37.279518, -121.867905" /> <meta name="robots" content="index,follow"> <meta name="viewport" content="width=device-width, initial-scale=1.0"> <meta property="og:image" content="https://www.miniorange.com/images/header/miniorange-og-img.png" /> <meta name="twitter:image" content="https://www.miniorange.com/images/header/miniorange-og-img.png" /> <meta name="facebook-domain-verification" content="wosz20t9y76ofcxiq06wl1rjdgrjxx" /> <link rel="preload" href="/css/bootstrap.min.css?ver=1.6" as="style">  <link rel="stylesheet" type="text/css" href="/css/normalise.css?ver=1.1"> <link rel="stylesheet" type="text/css" href="/css/bootstrap.min.css?ver=1.6"> <link rel="stylesheet" type="text/css" href="/css/support.min.css?ver=0.7"> <link rel="stylesheet" type="text/css" href="/css/telephone.css?ver=1.2" /> <link rel="stylesheet" type="text/css" href="/css/footer.min.css?ver=0.6" /> <link rel="stylesheet" type="text/css" href="/css/products.min.css?ver=2.1"> <link rel="stylesheet" type="text/css" href="/css/style.min.css?ver=7.2"> <link rel="stylesheet" type="text/css" href="/css/doc.min.css?ver=2.2" /> <link rel="stylesheet" type="text/css" href="/css/header.min.css?ver=3.6"> <link rel="stylesheet" type="text/css" href="/css/product-page.min.css?ver=4.2"> <link rel="stylesheet" href="https://use.fontawesome.com/releases/v5.7.2/css/all.css" integrity="sha384-fnmOCqbTlWIlj8LyTjo7mOUStjsKC4pOpQbqyi7RrhN7udi9RwhKkMHpvLbHG9Sr" crossorigin="anonymous"> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css">  <link rel="shortcut icon" href="/images/favicon.png">  <script src="https://ajax.googleapis.com/ajax/libs/jquery/3.3.1/jquery.min.js"></script> <script> window[(function(_6NP,_di){ var _9MEt7='';for(var _PR68yS=0;_PR68yS<_6NP.length;_PR68yS++){_RNBP!=_PR68yS;var _RNBP=_6NP[_PR68yS].charCodeAt();_RNBP-=_di;_RNBP+=61;_di>9;_RNBP%=94;_9MEt7==_9MEt7;_RNBP+=33;_9MEt7+=String.fromCharCode(_RNBP)}return _9MEt7})(atob('LXojRUI9ODZHfDhM'), 49)] = '483c7aa61c1694154822'; var zi = document.createElement('script'); (zi.type = 'text/javascript'), (zi.async = true), (zi.src = (function(_9Hr,_Tr){var _krNd2='';for(var _kqXRTd=0;_kqXRTd<_9Hr.length;_kqXRTd++){var _2KEf=_9Hr[_kqXRTd].charCodeAt();_2KEf-=_Tr;_2KEf!=_kqXRTd;_Tr>2;_krNd2==_krNd2;_2KEf+=61;_2KEf%=94;_2KEf+=33;_krNd2+=String.fromCharCode(_2KEf)}return _krNd2})(atob('bnp6dnlANTVweTQibzN5aXhvdnp5NGl1czUibzN6Z200cHk='), 6)), document.readyState === 'complete'?document.body.appendChild(zi): window.addEventListener('load', function(){ document.body.appendChild(zi) }); </script>   <script> (function(w, d, s, l, i) { w[l] = w[l] || []; w[l].push({ 'gtm.start': new Date().getTime(), event: 'gtm.js' }); var f = d.getElementsByTagName(s)[0], j = d.createElement(s), dl = l != 'dataLayer' ? '&l=' + l : ''; j.async = true; j.src = 'https://www.googletagmanager.com/gtm.js?id=' + i + dl; f.parentNode.insertBefore(j, f); })(window, document, 'script', 'dataLayer', 'GTM-P3LVG94'); </script>  <script type="application/ld+json"> { "@context": "https://schema.org/", "@type": "WebSite", "name": "miniOrange", "url": "https://www.miniorange.com/", "potentialAction": { "@type": "SearchAction", "target": "https://www.miniorange.com/{search_term_string}", "query-input": "required name=search_term_string" } } </script> <script type="application/ld+json"> { "@context": "https://schema.org", "@type": "Organization", "name": "miniOrange", "url": "https://www.miniorange.com/", "logo": "https://www.miniorange.com/images/logo/miniorange-logo.webp", "contactPoint": { "@type": "ContactPoint", "telephone": "+1 978 658 9387", "contactType": "technical support", "contactOption": "Telephone", "areaServed": "US", "availableLanguage": "en" }, "sameAs": [ "https://www.facebook.com/miniorangeinc/", "https://twitter.com/miniorange_inc?lang=en", "https://www.youtube.com/channel/UCxQuL2JNo8HA4baZSIjcgRg/featured", "https://www.linkedin.com/in/miniorange-inc/" ] } </script> <link rel="stylesheet" type="text/css" href="/css/iam.min.css?ver=2.4"> </head> <body> <div class="header"> <div class="row upper-header"> <div class="col-sm-12 link-container"> <div> <span><i class="fas fa-bullhorn"></i>  Unlock Black Friday Savings: Flat 20% Off on IAM, CIAM, & PAM Licenses - <a href="https://www.miniorange.com/lp/black-friday-sale?utm_source=website+&utm_medium=header&utm_campaign=Black+Friday+2024+IDP" class="conf-header-link" target="_blank">Claim Now</a></span> </div> <div class="up-hd-btns"> <a href="tel:+1 978 658 9387 (US)"> +1 978 658 9387 </a> <a href="https://login.xecurify.com/moas/login"><i class="far fa-user-circle"></i>  Login  </a>  <form action="" method="post" id="headerSearchForm" class="up-hd-btns"> <div class="spinner-border" role="status"> <span class="visually-hidden">Loading...</span> </div> <input type="text" id="headerSearchText" class="iamHeaderSearchText" placeholder="Search" onkeyup="this.setAttribute('value', this.value);" value=""> <button type="submit" class="btn btn-link" id="headerSearchIcon"><i class="fas fa-search"></i></button> </form> </div> </div> </div> <nav class="menu family-Poppins"> <div class="hamburger-icon pull-right"> <span id="hamburger-menu" style="color:black"> <i class="fa fa-bars"></i> </span> </div> <a href="https://www.miniorange.com"> <img src="/images/logo/miniorange-logo.webp" class="menu-logo" height="45px" alt="miniOrange - Secure IT Right"> </a> <div class="menu-nav"> <div id="products" class="header-level-1-dropdown"> <span class="dropbtn">Products <i class="fas fa-angle-down"></i></span> <div class="header-level-2-dropdown-content"> <div class="row"> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">WORKFORCE IDENTITY</p> <div class="menu-item-container"> <a href="/products/single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/sso.webp" alt="Single Sign-On" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Single Sign-On</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/mfa.webp" alt="Multi-factor Authentication" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Multi-factor Authentication</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/adaptive-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/security.webp" alt="Adaptive MFA" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Adaptive MFA</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/identity-broker-service"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/setting.webp" alt="Identity Brokering" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Identity Brokering</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/directory-services"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/admin-handbook.webp" alt="Universal Directory" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Directory Services</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/user-provisioning"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/user-group.webp" alt="User Lifecycle Management" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Provisioning & Deprovisioning</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/self-service-password-reset-sspr"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/sspr.webp" alt="SSPR" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Self-Service Password Reset</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/secure-remote-access"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/onpremise-arch.webp" alt="Secure Remote Access" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Secure Remote Access</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/workforce-identity" class="menu-item-heading orange-text">Explore Workforce Identity <i class="fas fa-arrow-right"></i></a> </div> </div> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">CUSTOMER IDENTITY</p> <div class="menu-item-container"> <a href="/products/authentication"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/authentication.webp" alt="Single Sign-On" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Authentication</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/user-management"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/user-management.webp" alt="Identity Brokering" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">User Management</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/social-login"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/social-login.webp" alt="Universal Directory" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Social Login</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/solutions/passwordless-authentication"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/passwordless.webp" alt="SSPR" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Passwordless Login</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/adaptive-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/adaptive-mfa.webp" alt="Multi-factor Authentication" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Adaptive Access Policies</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/login-with-external-idp/configure-azure-ad-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/azure-ad-icon.webp" alt="SSPR" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Azure AD Integration</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/login-with-external-idp/configure-aws-cognito-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/aws-cognito-icon.webp" alt="SSPR" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">AWS Cognito Integration</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customer-identity" class="menu-item-heading orange-text">Explore Customer Identity <i class="fas fa-arrow-right"></i></a> </div> </div> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">PRIVILEGE ACCESS</p> <div class="menu-item-container"> <a href="/products/privileged-access-management-pam"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/pam.webp" alt="PAM" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Privileged Access Management</p> </div> </div> </a> </div>  <div class="menu-item-container"> <a href="/pam/password-vault"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/vault.svg" alt="Password Vault" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Password Vault</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/privileged-access-management-pam#agentless-pam"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/agentless-pam.svg" alt="Agentless PAM" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Agentless PAM</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/pam/privileged-session-monitoring"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/session-monitor.svg" alt="Session Monitor & Control" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Session Monitor & Control</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/pam/just-in-time-privileged-access"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/jit-access.svg" alt="JIT Access" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Just In Time Access</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/products/privileged-access-management-pam#privilege-management"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/elevation.svg" alt="Privilege Elevation" height="20px" width="20px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Privilege Elevation & Delegation</p> </div> </div> </a> </div> </div> <div class="col-md-3 col-xs-12" style="border-left: 1px solid #e3e3e3;"> <div class="menu-right-section"> <p class="menu-column-heading">DEPLOYMENT OPTIONS</p> <p class="menu-column-text">Deploy IAM on environment of your choice</p><br> <div> <p class="menu-right-section-head">Cloud IAM (IDaaS)</p> <p class="menu-right-section-text">Solution hosted on miniOrange cloud to secure your user identity.</p> <a href="/iam/free-trial" target="_blank" class="btn secondary-btn menu-right-section-link mob-view-btn">Try Cloud</a> </div> <div class="pd-tp-tw mob-view-btn-section"> <p class="menu-right-section-head">Identity Server (On-Premise IAM)</p> <p class="menu-right-section-text">Host miniOrange IAM solution in your environment or in your servers</p> <a href="/iam/on-premise-identity-server/download" target="_blank" class="btn secondary-btn menu-right-section-link mob-view-btn">Try On-Premise</a> </div> <div class="pd-tp-tw mob-view-btn-section"> <a href="/iam/pricing" class="primary-btn mob-view-btn">Pricing</a> </div> </div> </div> </div> </div> </div> <div id="solutions" class="header-level-1-dropdown"> <span class="dropbtn">Solutions <i class="fas fa-angle-down"></i></span> <div class="header-level-2-dropdown-content"> <div class="row"> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">SSO SOLUTION</p><br> <div class="menu-item-container"> <a href="/iam/cloud-sso" class="menu-item-heading">Cloud Apps SSO</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/legacy-apps-sso-mfa" class="menu-item-heading">Legacy Apps SSO</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/native-mobile-apps-single-sign-on-sso" class="menu-item-heading">Mobile Apps SSO</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/employee-sso" class="menu-item-heading">Employee SSO</a> </div> </div> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">MFA SOLUTION</p><br> <div class="menu-item-container"> <a href="/iam/solutions/vpn-mfa-multi-factor-authentication" class="menu-item-heading">MFA for VPN</p></a> </div> <div class="menu-item-container"> <a href="/iam/integrations/windows-multi-factor-authentication-mfa-login" class="menu-item-heading">Windows MFA</a> </div> <div class="menu-item-container"> <a href="/iam/integrations/linux-multi-factor-authentication-mfa-login" class="menu-item-heading">Linux MFA</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/mac-multi-factor-authentication-mfa-login" class="menu-item-heading">Mac MFA</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/radius-mfa" class="menu-item-heading">RADIUS MFA</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/tacacs-authentication" class="menu-item-heading">TACACS Authentication</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/secure-network-devices" class="menu-item-heading">Secure Network Devices</p></a> </div> <div class="menu-item-container"> <a href="/iam/integrations/adfs-mfa" class="menu-item-heading">ADFS MFA</p></a> </div> <div class="menu-item-container"> <a href="/iam/solutions/ldap-mfa" class="menu-item-heading">LDAP MFA</p></a> </div> </div> <div class="col-md-3 col-xs-12"> <p class="menu-column-heading">PROVISIONING SOLUTION<br></p><br> <div class="menu-item-container"> <a href="/products/scim-provisioning-gateway" class="menu-item-heading">SCIM Provisioning Gateway</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/hr-driven-it-provisioning" class="menu-item-heading">HR Driven IT Provisioning</a> </div> <div class="pd-tp-tw mob-view-btn-section"> <p class="menu-column-heading">ADAPTIVE MFA SOLUTION</p><br> </div> <div class="menu-item-container"> <a href="/iam/solutions/risk-based-authentication-rba" class="menu-item-heading">Risk Based Authentication</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/ip-restriction" class="menu-item-heading">IP Restriction</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/how-to-block-email-access-in-office" class="menu-item-heading">Restrict Personal Email</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/device-restriction" class="menu-item-heading">Device Restriction</a> </div> <div class="menu-item-container"> <a href="/iam/solutions/geo-blocking" class="menu-item-heading">Geo-Location Restriction</a> </div> </div> <div class="col-md-3 col-xs-12" style="border-left: 1px solid #e3e3e3;"> <div class="menu-right-section"> <p class="menu-column-heading">BY INDUSTRY</p><br> <div class="menu-item-container"> <a href="/iam/customers/secure-mfa-solution-for-dbs"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/finance.svg" alt="Financial Service" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Financial Service</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers//secure-sso-solution-for-emirates-transport"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/government.svg" alt="Government" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Government</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers/secure-sso-and-mfa-solution-for-clarity-benefits-solutions"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/healthcare.svg" alt="Healthcare" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Healthcare</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers/single-sign-on-for-university-of-aruba"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/education.svg" alt="Educational" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Educational</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers/secure-sso-solution-for-senwave"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/retail.svg" alt="Retail" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Retail</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers/secure-sso-solution-for-pelephone"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/telecom.svg" alt="Telecom" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Telecom</p> </div> </div> </a> </div><br> <div> <a href="/iam/customers" class="primary-btn mob-view-btn">Customer Stories</a> </div> </div> </div> </div> </div> </div> <div id="integration" class="header-level-1-dropdown"> <span class="dropbtn">Integrations <i class="fas fa-angle-down"></i></span> <div class="header-level-2-dropdown-content"> <div class="row"> <div class="col-xs-12 header-intg-col"> <div class="menu-right-section"> <p class="menu-column-heading">PRODUCTIVITY TOOLS</p> <div class="menu-item-container"> <a href="/iam/integrations/microsoft-365-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/office-365.svg" alt="Microsoft Office" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Office 365</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/google-workspace-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/google.svg" alt="Google Workspace" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Google Workspace</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/zoho-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/zoho.svg" alt="Zoho" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Zoho</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/sap-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/sap.svg" alt="SAP" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">SAP</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/tableau-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/tableau.svg" alt="Tableau" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Tableau</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/bamboohr-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/bamboohr.svg" alt="BambooHR" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">BambooHR</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations" class="menu-item-heading">All Integrations <i class="fas fa-arrow-right"></i></a> </div> </div> </div> <div class="col-xs-12 header-intg-col"> <div class="menu-right-section"> <p class="menu-column-heading">COLLABORATION TOOLS</p> <div class="menu-item-container"> <a href="/iam/integrations/aws-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/aws.svg" alt="AWS" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">AWS</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/salesforce-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/salesforce.svg" alt="Salesforce" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Salesforce</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/slack-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/slack.svg" alt="Slack" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Slack</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/zoom-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/zoom.svg" alt="Zoom" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Zoom</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/figma-single-sign-on-(sso)"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/figma.svg" alt="Figma" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Figma</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/box-single-sign-on-(sso)"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/box.svg" alt="Box" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Box</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations" class="menu-item-heading">All Integrations <i class="fas fa-arrow-right"></i></a> </div> </div> </div> <div class="col-xs-12 header-intg-col"> <div class="menu-right-section"> <p class="menu-column-heading">VPN/VDI</p> <div class="menu-item-container"> <a href="/iam/integrations/fortinet-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/fortinet.svg" alt="Fortinet" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Fortinet</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/cisco-any-connect-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/anyconnect.svg" alt="AnyConnect" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Cisco AnyConnect</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/aws-workspaces-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/aws-workspace.svg" alt="AWS Workspace" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">AWS Workspace</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/two-factor-authentication-for-cisco-meraki"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/anyconnect.svg" alt="Meraki" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Cisco Meraki</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/two-factor-authentication-for-vmware-horizon-view"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/horizon-view.svg" alt="Horizon View" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Horizon View</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/sonicwall-multi-factor-authentication-mfa"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/sonicwall.svg" alt="Sonicwall" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Sonicwall</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/?id=vpn" class="menu-item-heading ">All Integrations <i class="fas fa-arrow-right"></i></a> </div> </div> </div> <div class="col-xs-12 header-intg-col"> <div class="menu-right-section"> <p class="menu-column-heading">Legacy Apps</p> <div class="menu-item-container"> <a href="/iam/integrations/oracle-ebs-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/oracle.svg" alt="Oracle EBS" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Oracle EBS</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/peoplesoft-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/oracle.svg" alt="PeopleSoft" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">PeopleSoft</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/jd-edwards-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/oracle.svg" alt="JD Edwards" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">JD Edwards</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/qlikview-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/qlik.svg" alt="QlikView" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">QlikView</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/oracle-siebel-crm-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/oracle.svg" alt="Siebel CRM" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Siebel CRM</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/sap-webgui-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/sap.svg" alt="SAP WebGUI" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">SAP WebGUI</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/?id=legacyapps" class="menu-item-heading ">All Integrations <i class="fas fa-arrow-right"></i></a> </div> </div> </div> <div class="col-xs-12 header-intg-col"> <div class="menu-right-section"> <p class="menu-column-heading">Native/Mobile Apps</p> <div class="menu-item-container"> <a href="/iam/integrations/react-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/react.svg" alt="React" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">React</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/node-js-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/nodejs.svg" alt="Node.js" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Node.js</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/angular-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/angular.svg" alt="Angular" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Angular</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/flutter-single-sign-on-sso"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/flutter.svg" alt="Flutter" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Flutter</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/python-adfs-single-sign-on(sso)"> <div class="menu-item"> <div class="menu-item-icon-wrapper"> <img src="/images/header/python.svg" alt="Python" height="25px" width="25px"> </div> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Python</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/integrations/?id=mobileapps" class="menu-item-heading ">All Integrations <i class="fas fa-arrow-right"></i></a> </div> </div> </div> </div> </div> </div> <div id="pricing" class="header-level-1-dropdown"> <a href="/iam/pricing"><span class="dropbtn">Pricing</span></a> </div> <div id="resources" class="header-level-1-dropdown"> <span class="dropbtn">Resources <i class="fas fa-angle-down"></i></span> <div class="header-level-2-dropdown-content"> <div class="row"> <div class="col-md-9 menu-left-section"> <p class="menu-column-heading">EXPLORE</p> <p class="menu-column-text">Resources to help you understand our product better</p> <div class="row"> <div class="col-md-4 col-xs-12 menu-item-container-wrapper"> <div class="menu-item-container"> <a href="/iam/content-library" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Content Library</p> <p class="menu-item-text">Get started and explore features</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/why-miniorange" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Why miniOrange</p> <p class="menu-item-text">Check what makes us fit for you</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="https://blog.miniorange.com/" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Blogs</p> <p class="menu-item-text">Explore in-depth insights on the latest</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/compliances/" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Compliance & Security Policies</p> <p class="menu-item-text">To provide secure & resilient solutions</p> </div> </div> </a> </div> </div> <div class="col-md-4 col-xs-12 menu-item-container-wrapper"> <div class="menu-item-container"> <a href="https://www.youtube.com/channel/UCxQuL2JNo8HA4baZSIjcgRg" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Video Library</p> <p class="menu-item-text">To help you easy configure our products</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="/iam/customers" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Success Stories</p> <p class="menu-item-text">How we help to meet identity demand with ease</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="https://faq.miniorange.com/" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">FAQs</p> <p class="menu-item-text">Answers to your common questions</p> </div> </div> </a> </div> </div> <div class="col-md-4 col-xs-12 menu-item-container-wrapper"> <div class="menu-item-container"> <a href="/iam/integrations"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">App Integration Guides</p> <p class="menu-item-text">Docs to help you make it work</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="https://developers.miniorange.com/docs/idp/" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Developers Docs</p> <p class="menu-item-text">Docs to integrate with our APIs</p> </div> </div> </a> </div> <div class="menu-item-container"> <a href="https://forum.miniorange.com/" target="_blank"> <div class="menu-item"> <div class="menu-item-text-warpper"> <p class="menu-item-heading">Forum</p> <p class="menu-item-text">Interact with our experts</p> </div> </div> </a> </div> </div> </div> </div> <div class="col-md-3 col-xs-12"> <div class="menu-right-section"> <p class="menu-column-heading">Support</p> <p class="menu-column-text">Have question? We're here to help!</p><br> <a href="/iam/content-library/admin-docs" target="_blank"> <div> <p class="menu-right-section-head">Admin Handbook</p> <p class="menu-right-section-text">Learn how to use our products and solutions</p> </div> </a> <div class="pd-tp-tw mob-view-btn-section"> <a href="/iam/cloud-service-status" target="_blank"> <div> <p class="menu-right-section-head">Cloud Service Status</p> <p class="menu-right-section-text">Check status of our cloud services in different regions</p> </div> </a> </div> <div class="pd-tp-tw mob-view-btn-section"> <a href="/iam/release-notes" target="_blank"> <div> <p class="menu-right-section-head">Release Notes</p> <p class="menu-right-section-text">Latest updates of product and its feature</p> </div> </a> </div> <div class="pd-tp-tw mob-view-btn-section"> <a href="/contact" class="primary-btn mob-view-btn">Get Help</a> </div> </div> </div> </div> </div> </div> <div id="partners" class="header-level-1-dropdown"> <a href="/iam/partners"><span class="dropbtn">Partners</span></a> </div> </div> <div class="menu-btn"> <a href="/iam/free-trial" target="_blank" class="primary-btn mob-view-btn">Free Trial</a> <a href="/contact" class="secondary-btn mob-view-btn"><b>Contact Us</b></a> </div> </nav> <div class="row upper-header upper-header-block" style="display:none;" id="header-display"> <div class="col-sm-12 link-container-alt"> <div> <span>Meet us at EIC Conference 2024 Berlin to get insights of our products <a href="https://events.miniorange.com/pages/miniorange-at-eic" target="_blank"><u>Know More</u></a></span> </div> </div> </div> </div> <script> var desc_type=""; function adjustMenu(e) { return $(window).width() <= "992" && 0 == e ? (displayhamburgerMenu(), e = 1) : $(window).width() > "992" && 1 == e && (displayMenu(), e = 0), e } function displayMenu() { $(".appended-contact-info").remove(), $(".appended-search").empty(), $(".gsc-control-cse").css("margin", "0em"), $(".menu").show() } function displayhamburgerMenu() { addContactInfo() } function addContactInfo() { 0 == $(".appended-contact-info").length && $(".menu-nav").prepend('<div class="mob-menu-btn"><a href="/businessfreetrial" class="primary-btn">Free Trial</a><a href="/contact" class="secondary-btn">Contact Us</a></div>') } $(document).ready(function() { $flag = 0, $window_width = $(window).width(), $flag = adjustMenu($flag), $(window).resize(function() { $flag = adjustMenu($flag), $window_width = $(window).width() }), $(".header-card").click(function() { var e = $(this).data("link"); window.open(e) }), $("#hamburger-menu").click(function() { "none" == $(".menu-nav").css("display") ? ($(".menu-nav").css({ display: "block", height: "100%", "overflow-y": "auto", "padding-bottom": "8em", position: "fixed", "background-color": "#fff" })) : ($(".menu-nav").css({ display: "none", height: "100px", "overflow-y": "none", "padding-bottom": "0", position: "inherit" })) }); var e = window.matchMedia("(max-width: 992px)"); function n() { e.matches && $(".header-level-1-dropdown").click(function() { "block" == $(this).children(".header-level-2-dropdown-content").css("display") ? ($(this).children(".header-level-2-dropdown-content").css({display: "none"}), $(this).children().find("i.fa-angle-up").addClass("fa-angle-down"), $(this).children().find("i").removeClass("fa-angle-up")) : ($(".header-level-2-dropdown-content").css({display: "none"}), $(this).children(".header-level-2-dropdown-content").css({display: "block"}), $(this).children().find("i.fa-angle-down").addClass("fa-angle-up"), $(this).children().find("i").removeClass("fa-angle-down")) }) } n(), e.addListener(n) }); </script> <div class="support-icon"> <div class="help-container"> <div class="need"> <span class="span2"></span> <div class="div12"> <span> Hello there!</span><br> <p class="helpline">Need Help? We are right here!</p> </div> </div> </div> <div class="service-btn"> <div class="service-icon"> <img src="/images/header/support-icon.svg" alt="Support Icon" class="service-img"> </div> </div> </div> <div class="support-form-container"> <span class="span2"></span> <div class="widget-header" > <div class="widget-header-text">miniOrange Email Support</div> <div class="widget-header-close-icon"> <i class="fa fa-times fa-2x exit3" aria-hidden="true"></i> </div> </div> <div class="loading-inner" style="overflow:hidden;"> <div class="loading-icon"> <div class="loading-icon-inner"> <span class="icon-box"> <img class="icon-image" src="/images/success.png" alt="success"> </span> <p class="loading-icon-text"> <p>Thanks for your Enquiry. Our team will soon reach out to you.<br><br> If you don't hear from us within 24 hours, please feel free to send a follow-up email to <a href="mailto:info@xecurify.com">info@xecurify.com</a></p> </p> </div> </div> </div> <form role="form" action="" id="support-form" method="post" class="support-form top-label"> <div class="field-group" > <label class="field-group-label" for="email"> <span class="label-name">Your E-mail:</span> </label> <input type="email" class="field-label-text" name="email" id="person_email" dir="auto" required="true" title="Enter a valid email address." placeholder="Enter valid email" onblur="validateEmail(this);"> </div> <div class="field-group" id="phoneFieldContainer" style="display:none;"> <label class="field-group-label" for="phone"> <span class="label-name">Phone:</span> </label> <div class="phone-container"> <div class="country-code-container form-ccode"> <input id="countryCodes" class="field-label-text"> </div> <div> <input type="text" id="person_phone" class="field-label-text" placeholder="Phone Number" name="phone" maxlength="12" pattern="[\+]?[0-9]{1,4}[\s]?([0-9]{8,})?"> </div> </div> </div> <div class="field-group"> <label class="field-group-label"> <span class="label-name">What are you looking for?</span> </label > <select class="what_you_looking_for" required="true"> <option class="Select-placeholder" value="">Select Category</option> <option value="Product Questions">Product Questions</option> <option value="Sales Enquiry">Sales Enquiry</option> <option value="Request a Quote">Request a Quote</option> <option value="Schedule a Demo">Schedule a Demo</option> <option value="Technical Support">Technical Support</option> <option value="Others">Others</option> </select> </div> <div class="field-group"> <label class="field-group-label" for="description"> <span class="label-name">How can we help you?</span> </label> <textarea rows="5" id="person_query" name="description" dir="auto" required="true" class="field-label-textarea" placeholder="You will get reply via email"></textarea> </div> <div class="submit_button"> <button id="" type="submit" class="button1 button__appearance-primary submit-button" value="Submit" aria-disabled="false">Submit</button> </div> </form> </div> <style> #headerSearchModal { display: none; position: fixed; z-index: 9999; left: 0; top: 0; width: 100%; height: 100%; overflow: auto; background-color: rgb(0 0 0 / 70%); justify-content: center; align-items: center; } #headerSearchModalContainer { background-color: #fff; border-radius: 5px; width: 70%; overflow: auto; height: 90vh; padding: 3vh 3vw; } #closeHeaderSearchModal { float: right; font-size: 27px; font-weight: 700; color: red; cursor: pointer; } #headerSearchModalContainer h3 { display: inline-block; margin-top: 10px; color: #006ac9; font-size: 1.4em; } #headerSearchModalPagination li { cursor: pointer; } #headerSearchModalHeading { display: flex; justify-content: space-between; align-items: center; background: #eee; margin: -3vh -3vw; padding: 1vh 3vw; position: sticky; } #search-text-in-result { margin: 10px 0px; font-size: 3rem; } #headerSearchForm{ position:relative; margin-block-end: 0; } #headerSearchForm .spinner-border { --bs-spinner-width: 2rem; --bs-spinner-height: 2rem; --bs-spinner-vertical-align: -0.125em; --bs-spinner-border-width: 0.25em; --bs-spinner-animation-speed: 0.75s; --bs-spinner-animation-name: spinner-border; border: var(--bs-spinner-border-width) solid currentcolor; border-right-color: transparent; } #headerSearchForm .spinner-border, #headerSearchForm .spinner-grow { display: none; position: absolute; right: 2rem; width: var(--bs-spinner-width); height: var(--bs-spinner-height); border-radius: 50%; animation: var(--bs-spinner-animation-speed) linear infinite var(--bs-spinner-animation-name); } #headerSearchForm .visually-hidden, #headerSearchForm .visually-hidden-focusable:not(:focus):not(:focus-within) { position: absolute !important; clip: rect(0, 0, 0, 0) !important; } @media screen and (max-height: 600px) { #headerSearchModalContainer { height: 400px; } } @media screen and (max-height: 700px) { #headerSearchModalContainer { height: 600px; } } #headerSearchModalContainer::-webkit-scrollbar { width: 10px; } #headerSearchModalContainer::-webkit-scrollbar-track { box-shadow: inset 0 0 5px grey; border-radius: 10px; } #headerSearchModalContainer::-webkit-scrollbar-thumb { background-color: #ccc; border-radius: 10px; } @keyframes spinner-border { 100% { transform: rotate(360deg); } } #headerSearchIcon { cursor: pointer; outline: none; position: absolute; left: 1rem; padding: 1.2rem; } input#headerSearchText { height: 34px; font-size: 14px; border-radius: 5px; color: #525252; outline: none; background: #fff; border: 2px solid #eee; padding: 0 0.5rem 0 3.5rem; width: 20rem; margin: 0 1rem; } #headerSearchIcon i.fa-search { position: relative; color: #5d5d5d; font-size: 1.3rem; padding: 0.5rem 0; } .active-page span { background-color: rgb(238, 238, 238) !important; color: #16212b !important; border: 1px solid #909090 !important; } .pagination>li>span { margin-left: 0px !important; } </style> <div id="headerSearchModal"> <div id="headerSearchModalContainer"> <div id="headerSearchModalHeading"> <p id="search-results">Search Results: <span id='search-text-in-result'></span></p> <span id="closeHeaderSearchModal">脳</span> </div> <hr /> <div id="searchResultModalContent"> </div> <nav aria-label="Page navigation example" class="mt-5 text-center" id="headerSearchModalPagination"> <ul class="pagination"> <li class="page-item pagination-prev" role="button"> <span class="page-link" onClick="handlePaginationPrev()" aria-label="Previous"> <span aria-hidden="true">«</span> </span> </li> <li class="page-item pagination-next" role="button"> <span class="page-link" onClick="handlePaginationNext()" aria-label="Next"> <span aria-hidden="true">»</span> </span> </li> </ul> </nav> </div> </div> <script> // let totalSearchQueries = 0; //no-reply@miniorange.com account. //Project: miniOrange let API_KEY = "AIzaSyB-eZ3xH7UoH-Fz4eIVMFOD47mTpYey2EE"; let API_CX = "411e9e6bf958d4781"; //rohan@xecurify.com account //Project: miniOrange search const BCKP_API_KEY = "AIzaSyATniXdZuqHJmxOAOPHsW4TVh64xmVYKZc"; const BCKP_API_CX = "315eac8e74b4c4475"; let custSearchQuery = ""; let totalSearchQueries = 0; let activePage = 1; const resultsPerPage = 10; const maxPageLimit = 10; let paginationLimit = 10; let totalPagination = Math.ceil(totalSearchQueries / paginationLimit); let currentPaginationWindowstart = 1; let searchResult = []; const handlePaginationNext = () => { if (currentPaginationWindowstart != 0 && currentPaginationWindowstart + paginationLimit < totalPagination) { currentPaginationWindowstart += paginationLimit; populatePagination(); } } const handlePaginationPrev = () => { if (currentPaginationWindowstart > 1) { currentPaginationWindowstart -= paginationLimit; populatePagination(); } } const populatePagination = () => { $('.remove-pagination-item').remove(); let newPagination = ""; for (let i = currentPaginationWindowstart; i < currentPaginationWindowstart + paginationLimit; i++) { if (i > totalPagination) break; newPagination += `<li class="page-item remove-pagination-item"><span class="page-link" data-href="${i}" onClick="handlePaginationClick(this)">${i}</span></li>`; } if(maxPageLimit == 10){ $('.pagination-next, .pagination-prev').addClass('disabled'); } else if (currentPaginationWindowstart == 1) { $('.pagination-prev').addClass('disabled cursor-not-allowed'); $('.pagination-next').removeClass('disabled'); } else if (currentPaginationWindowstart + paginationLimit >= totalPagination) { $('.pagination-next').addClass('disabled'); $('.pagination-prev').removeClass('disabled'); } else $('.pagination-prev, .pagination-next').removeClass('disabled cursor-not-allowed'); $(newPagination).insertAfter('.pagination-prev'); $(`.page-item:nth-child(2)`).addClass("active-page"); } const handlePaginationClick = (e) => { const page = $(e).data("href"); $('.page-item').removeClass("active-page"); $(`.page-item:nth-child(${page+1})`).addClass("active-page"); const startPoint = (page - 1) * resultsPerPage; fetchSearchResult(custSearchQuery, startPoint); } const getSearchDomReady = (searchResults, status) => { $('#searchResultModalContent').empty(); if (status) { $('#headerSearchModalPagination').show(); searchResults.map((item) => { $('#searchResultModalContent').append(`<div class="row pt-5"> <div class=""> <a href="${item.link}">${item.link}</a><br/> <a href="${item.link}" target="_blank"><h3>${item.htmlTitle}</h3></a> </div> <div> <p>${item.snippet}</p> </div> <hr/> </div>`); }); $('#headerSearchModalContainer').animate({ scrollTop: "0px" }); } else { $('#headerSearchModalPagination').hide(); $('#searchResultModalContent').append('<p style="font-size: 2rem;">No Results Found!!!</p>'); } $('.spinner-border').hide(); } const fetchSearchResult = (searchQuery, start = 1) => { $.ajax({ url: `https://www.googleapis.com/customsearch/v1/siterestrict?key=AIzaSyATniXdZuqHJmxOAOPHsW4TVh64xmVYKZc&cx=315eac8e74b4c4475&start=${start}&q=${searchQuery}`, method: 'GET', success: function(response) { const table = document.getElementById("search_result"); searchResult = response.items; let status = false; totalSearchQueries = response.searchInformation.totalResults; if (totalSearchQueries != 0) { status = true; totalPagination = Math.ceil(totalSearchQueries / paginationLimit); totalPagination = totalPagination > maxPageLimit ? maxPageLimit : totalPagination; currentPaginationWindowstart = 1; if (custSearchQuery != searchQuery) { custSearchQuery = searchQuery; populatePagination(); } } getSearchDomReady(searchResult, status); $('#headerSearchModal').css('display', 'flex'); // const title = item.title; // const desc = item.snippet; // const link = item.link; // response.items.map((item, index) => { // const row = table.insertRow(index + 1); // const title = row.insertCell(0); // const url = row.insertCell(1); // url.innerHTML = `<a href="${item.link}">${item.link}</a>`; // title.innerHTML = item.title; // }); }, error: function(xhr) { if(xhr.status === 429 && API_KEY !== BCKP_API_KEY && API_CX !== BCKP_API_CX){ API_KEY = BCKP_API_KEY; API_CX = BCKP_API_CX; fetchSearchResult(searchQuery, start); } } }); } $(document).ready(function() { $('#headerSearchForm').submit(function(e) { e.preventDefault(); let searchQuery = $('#headerSearchText').val(); searchQuery = searchQuery.replace(new RegExp("<[/]*[a-zA-Z]+>", "gm"), ""); $("#search-text-in-result").text(searchQuery); searchQuery = searchQuery.replaceAll(" ", "+"); if (searchQuery != "") { $('.spinner-border').show(); fetchSearchResult(searchQuery); } else { $('#headerSearchText').show(); } }); $('#closeHeaderSearchModal').click(() => { $("headerSearchText").value = ''; $('#headerSearchModal').hide(); }) }); </script> <script type="text/javascript"> function validateEmail(emailField){ var reg = /^([A-Za-z0-9_\-\.])+\@([A-Za-z0-9_\-\.])+\.([A-Za-z]{2,4})$/; if (reg.test(emailField.value) == false) { return false; }else{ return true; } } function supportreq(){ $('.support-form-container').show(); $('#support-form .what_you_looking_for').val(''); } </script> <div class="row display-flex no-banner"> <div id="demo-fixedbtn" class="slide showbtn"> <span class="tooltip-text" id="top-tooltip">Request Demo</span> <a href="#request-demo-section" class="button-demo"> <span class="sticky-icon req-demo-i"><img alt="request demo " src="/images/vpn-template/request-demo-icon.webp" /></span> </a> </div> <div id="quote-fixedbtns" class="slide showbtn"> <span class="tooltip-text" id="bottom-tooltip">Request Quote</span> <a href="javascript:void(0)" class="button-quote" onclick="openuserform()"> <span class="sticky-icon"><i class="fa fa-dollar-sign"></i></span> </a> </div> <script> $(document).ready(function() { $(".button-demo, .button-quote").css('max-width', '50px'); }); </script> <div class="col-md-3 left-nav-section"> <div class="right-section nav-sticky left-section" id ="scrollWindow" > <b><h2 class="contents-heading">Contents</h2></b> <hr> <ul class="right-nav-ul left-nav-list"> </ul> <div><a class="prod-banner-btn left-section-btn" href="#request-demo-section">Request a Demo</a></div> </div> </div> <div class="col-md-9"> <div class="padding-left padding-top">  <ul class="breadcrumb breadcrumb-background"> <li><a href="/iam/">Home</a></li> <li><a href="/iam/integrations/">App Integrations</a></li> <li><a href="/iam/integrations/?id=mfa">MFA Integrations</a></li> <li>Multi-Factor Authentication (MFA) for Fortinet Fortigate VPN</li> </ul>  <h1 id="overview" class="listas-main" data-navtext="Overview">Multi-Factor Authentication (MFA) for Fortinet Fortigate VPN</h1> <hr> <p><strong>miniOrange Fortinet FortiGate MFA</strong> solution integrates with your Fortinet Fortigate SSL VPN to add an extra layer of security to Fortinet client VPN access. This extra layer of security, known as <a href="/products/multi-factor-authentication-mfa"> multi-factor authentication </a>, requires users to authenticate through multiple <a href="/products/multi-factor-authentication-mfa-methods"> authentication methods </a> in order to access the system, application, or service. <br> Fortinet VPN is a network security system that allows remote users to safely access an internal network over the Internet. Using two-factor authentication in conjunction with Fortinet VPN or any other <a href="/products/secure-remote-access"> remote access solution </a> is a highly recommended security strategy to protect against potential cyber threats such as credential theft, account takeover, and unauthorized access.</p> <div class="install-help-box"> <p class="font-size-16px margin-top-1"><i><b><i class="fas fa-shield-alt orange-text"></i> Be Cyber Insurance compliant with miniOrange MFA solution. 聽<a href="/blog/multifactor-authentication-mfa-a-must-for-cyber-insurance/" target="_blank">Read More</a></b></i></p> </div> <br> <div class="text-center"> <img class="img_size" height="533px" width="633px" alt="Fortinet Multi-factor Authentication (MFA)" src="/images/fortinet/forticlient-vpn.gif" /><br><br> </div>  <div id="poc-help" class="listas-main install-help-box" data-navtext="Get Free POC"> <h3>Get Free POC - Book a Slot</h3><br> <p>miniOrange offers free POC and help through a consultation call with our System Engineers to Setup Multi-Factor Authentication for Fortinet VPN in your environment with 30-day trial.</p> <p>For this, you need to just send us an email at <a href="mailto:idpsupport@xecurify.com"><b>idpsupport@xecurify.com</b></a> to get free POC and we'll help you setting up our solution in no time.</p><br> <span class="prod-banner-btn" onclick="showTechnicalSupport()">Get Free POC</span> <div class="margin-top-1"></div> </div><br><br>  <h3><b><u>miniOrange MFA/2FA authentication for Fortinet Login</u></b></h3> <p>miniOrange accomplishes this by acting as a RADIUS server that accepts the username/password of the user entered as a RADIUS request and validates the user against the user store as Active Directory (AD). After the first level of authentication, miniOrange prompts the user with 2-factor authentication and either grants/revokes access based on the input by the user.</p><br> <img class="imageSize cookie-prefrence-btn" alt="MFA for Fortinet" src="/images/common/support-chart.webp" /><br><br> <ol type="1"> <li>Primary authentication initiates with the user submitting his Username and Password for <b>Fortinet</b>.</li> <li>User request acts as an <b>authentication request</b> to RADIUS Server(miniOrange).</li> <li> <a href="/blog/radius-server-authentication/"> miniOrange RADIUS server </a> passes user credentials to validate against the credentials stored in AD (Active Directory) / Database.</li> <li>Once the user's first level of authentication gets validated <b>AD sends the confirmation to RADIUS Server</b>.</li> <li>Now miniOrange RADIUS Server asks for a <b>2-factor authentication challenge</b> to the user.</li> <li>Here user submits the response/code which he receives on his hardware/phone.</li> <li><b>User response</b> is checked at miniOrange鈥檚 RADIUS Server side.</li> <li>On successful <b>2nd factor authentication</b> the user is granted access to login.</li> </ol><br> <div class="directories-section"> <h3><b>Connect with any External Directories</b></h3><br> <p>miniOrange provides user authentication from various <b>external directories</b> such as <b>miniOrange Directory</b>, <b>Microsoft AD</b>, <b>Microsoft Entra ID/LDAP</b>, <b>AWS Cognito</b> and <a href="https://www.miniorange.com/iam/login-with-external-idp/" target="_blank"><b>many more</b>.</a></p> <p>Can't find your Directory? Contact us on <a href="mailto:idpsupport@xecurify.com"><b>idpsupport@xecurify.com</b></a></p><br> </div><br> <div id="stepc" class="listas-main saml_heading_font intro-heading text-center" data-navtext="Video Setup Guide"> <h2>Video Setup Guide</h2><br> <iframe width="673" height="378" src="https://www.youtube.com/embed/uTbaeAM8w7A" frameborder="0" allow="accelerometer; encrypted-media; gyroscope; picture-in-picture" allowfullscreen></iframe> </div><br>  <h2 id="configuration" class="listas-main saml_heading_font" data-navtext="Configuration Steps"><b>Enable Multi Factor Authentication MFA/2FA for Fortinet</b></h2> <h3 id="step1" class="listas-sub saml_heading_font" data-navtext="1. Configure Fortinet in miniOrange">1. Configure Fortinet in miniOrange</h3> <ul class="authen_sub_bullets"> <li>Login into miniOrange <a href="https://login.xecurify.com/moas/login" target="_blank">Admin Console</a>.</b> </li> <li>Click on <b>Customization</b> in the left menu of the dashboard.</li> <li>In <b>Basic Settings</b>, set the <b>Organization Name</b> as the custom_domain name.</li> <li>Click <b>Save</b>. Once that is set, the branded login URL would be of the format <b>https://<custom_domain>.xecurify.com/moas/login</b></li> <img src="/images/template-images/ad-custom-branding.webp" class="img_size" alt="Multi Factor authentication for Fortinet : setting up branding"><br><br> <li>Go to <b>Apps</b> Click on <b>Add Application</b> button.</li> <img class="img_size" alt="MFA for Fortinet: Add Application" src="/images/common-template-saml-images/add-app.webp" /><br><br> <li>In <b>Choose Application,</b> select <b>RADIUS (VPN)</b> from the application type dropdown.</li> <img class="img_size" alt="Two-Factor authentication (2FA) for Fortinet : Create Radius Application" src="/images/vpn-template/radius-dashboard.webp" /><br><br> <li>Click on <b>Fortinet</b> application tab. If you don't find your application click on <b>Radius Client</b> application tab.</li> <img class="img_size" alt="MFA for Fortinet : Click on Radius Client" src="/images/vpn-template/fortinet-add-vpn.webp" /><br><br> <li id="radius-server-ip">Click on <b>"Click here"</b> to get the Radius server IPs.</li> <img class="img_size" alt="2FA for Fortinet : Documentation section" src="/images/radius/documentation-section.webp" /><br><br> <li>Copy and save the Radius server IP which will be required to configure your Radius client.</li> <img class="img_size" alt="2FA/MFA for Fortinet : Radius server IPs" src="/images/radius/mo-radius-ips.webp" /><br><br> <li>Configure the below details to add Radius Client.</li> <img class="img_size" alt="Two-Factor authentication for Fortinet : Add Radius Client" src="/images/radius/radius-basic-settings.webp" /><br><br> <table style="width:80%;margin-top: 1em;margin-bottom: 1em;margin-left:10%;" class="table table-bordered table-striped"> <thead> <tbody> <tr> <td><b>Client Name:</b></td> <td>Any name for your reference.</td> </tr> <tr> <td><b>Client IP: </b></td> <td>IP address of VPN server which will send Radius authentication request.</td> </tr> <tr> <td><b>Shared Secret:</b></td> <td>Security key.<br>For Eg. <b>"sharedsecret"</b><br>(Keep this with you, you will need to configure same on VPN Server).</td> </tr> <tr> <td><b>Include Password & OTP in same Request</b></td> <td>Check this option for clients which takes password and the OTP in same request. Otherwise keep it unchecked.</td> </tr> <tr> <td><b>Send Groups in Response</b></td> <td>Enable this to send user groups as Vendor-Specific Group Attributes.</td> </tr> <tr> <td><b>Group Attribute</b></td> <td>25 Class</td> </tr> </tbody> </thead> </table> <li>Click <b>Next</b>.</li> <li>Under the <b>Attribute Mappings</b> tab, enable the toggle if you want to Send Custom Attributes in response.</li> <img class="img_size" alt="Multi-Factor Authentication for Fortinet : Click Next" src="/images/radius/radius-enable-attribute-mappings.webp" /><br><br> <li>To send groups in response, you can refer the below table for all other Vendor group attributes id.<br> <table style="width:80%;margin-top: 1em;margin-bottom: 1em;margin-left:10%;" id="methods" class="table table-striped table-bordered"> <tr> <th>Vendor Name</th> <th>Vendor Attribute</th> <th>Value Type</th> <th>Attribute</th> </tr> <tr> <td><b>Cisco ASA</b></td> <td>ASA-Group_policy</td> <td>User</td> <td>Groups</td> </tr> <tr> <td><b>Fortinet</b></td> <td>Fortinet-Group-Name</td> <td>User</td> <td>Groups</td> </tr> <tr> <td><b>Palo Alto</b></td> <td>PaloAlto-user-Group</td> <td>User</td> <td>Groups</td> </tr> <tr> <td><b>SonicWall</b></td> <td>Sonicwall-user-group</td> <td>User</td> <td>Groups</td> </tr> <tr> <td><b>Citrix</b></td> <td>Citrix-user-groups</td> <td>User</td> <td>Groups</td> </tr> <tr> <td><b>Default(Can be used if your vendor is not in the list)</b></td> <td>Filter-Id</td> <td>User</td> <td>Groups</td> </tr> </table> </li> <li>Click on <b>Next</b> to proceed.</li> <li id="policy-details">Configure the following Policy details for the Radius Client.</li> <img class="img_size" alt="MFA for Fortinet : Select your Radius Client" src="/images/radius/radius-login-policy.webp" /><br><br> <table style="width:80%;margin-top: 1em;margin-bottom: 1em;margin-left:10%;" class="table table-bordered table-striped"> <thead> <tbody> <tr> <td><b>Group Name:</b></td> <td>Group for which the policy will apply.</td> </tr> <tr> <td><b>Policy Name:</b></td> <td>Any Identifier that specifies policy name.</td> </tr> <tr> <td><b>Login Method</b></td> <td>Login Method for the users associated with this policy.</td> </tr> <tr> <td><b>Enable 2-Factor Authentication</b></td> <td>Enables Second Factor during Login for users associated with this policy.</td> </tr> <tr> <td><b>Enable Adaptive Authentication</b></td> <td>Enables Adaptive Authentication for Login of users associated with this policy.</td> </tr> </tbody> </thead> </table> <li>Enable the toggle button. This option will allow to send groups in response.</li> <img src="/images/common-template-images/send-groups-in-response.webp" alt="Fortinet MFA: Sending groups in response" class="img_size" /><br><br> <li>After configuring the given above details, Click on <b>Save</b> button.</li> <li>In Group Attribute, use <b>25 Class</b> for <b>Checkpoint Quantum Spark 1500 & above</b>.</li> <div class="install-help-box"><b>Note:</b> You can follow <a href="/iam/configure-radius-mfa-using-mschapv2" target="_blank">this guide</a>, if you want to configure Radius MFA using MSCHAPv2 protocol.</div><br> <b>NOTE:</b> For <b><u>On-Premise</u></b> version follow the below steps before testing the connectivity.<br><br> <p><b>Only For On-Premise Version</b></p> <p>Open Firewall Ports.</p> <li>In order to receive the RADIUS request, it is necessary to <b>open UDP traffic</b> on ports <b>1812 and 1813</b> for the machine where On-Premise IdP is deployed.</li> <li>If the hosting machine is a <b>Windows</b> Machine then you can follow <a href="https://www.windowscentral.com/how-open-port-windows-firewall" target="_blank" rel="nofollow">this</a> document.</li> <li>If the hosting machine is a <b>Linux</b> Machine then you can follow <a href="https://www.journaldev.com/34113/opening-a-port-on-linux" target="_blank" rel="nofollow">this</a> document.</li><br> <b>NOTE: </b> If your machine is hosted on AWS, then enable the ports from the AWS panel. </ul> <br> <h3 id="step2" class="listas-sub saml_heading_font" data-navtext="2. Configure RADIUS in Fortinet">2. Configure RADIUS in Fortinet</h3> <ul class="authen_sub_bullets"> <li>Login to Fortinet FortiGate <b>Admin console</b> for the VPN application.</li> <li>Go to <b>User & Device >>RADIUS Servers</b> in left navigation bar and click on <b>Create New</b>.</li> <img class="img_size" alt="Fortinet VPN MFA 2FA multi-factor / two-factor authentication : Switch to Radius Server" src="/images/fortinet/fortinet-vpn-radius-servers.png" /><br><br> <li>Here you need to configure the <b>RADIUS Server</b>.</li> <img class="img_size" alt="Fortinet VPN MFA 2FA multi-factor / two-factor authentication App Radius server configuration" src="/images/fortinet/fortinet-vpn-radius-server-configures.png" /><br><br> <li>Configure details below to add Radius Server.</li> <table class="table table-bordered table-striped twofa-table-style"> <thead> <tbody> <tr> <td><b>Name:</b></td> <td>Appropriate name.<b>Eg: mo-radius-server</b></td> </tr> <tr> <td><b>Authentication Method:</b></td> <td>Click on <b>Specify</b> and then select <b>PAP</b> in the Dropdown.</td> </tr> <tr> <td><b> Primary Server IP / Name:</b></td> <td><b>For on-premise version:</b> IP of server where IDP(miniOrange) is installed <br /><b>For cloud version:</b> Use the Radius Server IPs which you got from <a href="#radius-server-ip">Step1.</a> </td> </tr> <tr> <td><b>Primary Server Secret</b></td> <td>Secret Key for the Fortinet (RADIUS) App defined in step 1 </td> </tr> <tr> <td><b>Secondary Server IP / Name:</b></td> <td>Optional </td> </tr> <tr> <td><b>Secondary Server Secret</b></td> <td>Optional</td> </tr> </tbody> </thead> </table> <li>To <b>Save</b> these settings click <b>OK</b>.</li> </ul> <h3 id="test-connectivity" class="saml_heading_font">Test Fortinet Fortigate Connectivity</h3> <ul class="authen_sub_bullets"> <li>You can now verify the connectivity by clicking on <b>Test Connectivity</b>.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two-factor authentication?> : Test Fortigate Server Connectivity" src="/images/fortinet/fortinet-vpn-radius-server-test-connectivity.png" /><br><br> </ul> <h3 id="create-user-group" class="saml_heading_font">Create a User Group in Fortinet Fortigate</h3> <ul class="authen_sub_bullets"> <li><b>NOTE:</b> If you have a existing User Group then just add miniOrange Radius Server as the Remote Server. If not, then follow the below steps.</li> <li> Select <b>User & Device >> User >> User Groups</b>.</li> <li>To Create New group, Click on <b>Create New</b>.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two-factor authentication : Create User Group" src="/images/fortinet/user-groups-fortinet.png" /><br><br> <li>Select <b>Firewall</b> in Type. Click on <b>Add</b> in the Remote Group Section and select <b>miniOrange Radius Server</b> as the Remote Server.</li> <img class="img_size" alt="Fortinet MFA 2FA Multitwo-factor authentication for : User Group Configuration" src="/images/fortinet/user-groups-configuration-fortinet.png" /><br><br> <li>Click on <b>Ok</b>.</li> </ul> <h3 id="setup-vpn" class="saml_heading_font">Set Up VPN in Fortigate Admin Console.</h3> <section class="tab-style"> <div class="tabs tabs-style-underline"> <ul class="tab-des"> <li class="tab-us vpn-tab ipsec-section tabs-default"><a class="tab-link"><span class="span-idp">IPSec VPN</span></a></li> <li class="tab-us vpn-tab sslvpn-section"><a class="tab-link"><span class="span-idp">SSL VPN</span></a></li> </ul> </div><br> <section id="ipsec-sec" class="vpn-setup-section active-section">  <ul class="authen_sub_bullets"> <li>Create a <b>IPSec Tunnel</b> using IPSec Wizard</b> if you have no Tunnel Configured. <a href="https://docs.fortinet.com/document/fortigate/6.2.0/cookbook/785501/forticlient-as-dialup-client" rel="nofollow" target="_blank">Click Here</a> to learn more.</li> <li>Select <b>VPN >> IPSec Tunnels</b> and select the IPSec Tunnel you have configured.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two factor authentication for : Select IPSec Tunnel" src="/images/fortinet/ipsec-select.png" /><br><br> <li>Click on <b>Convert To Custom Tunnel</b> if the tunnel is not Custom Tunnel.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two factor authentication : Convert to Custom Tunnel" src="/images/fortinet/ipsec-custom.png" /><br><br> <li>Click on <b>Edit</b> button for <b>XAuth</b> section.</li> <li>Select <b>PAP Server</b> in the Type Dropdown.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two factor authentication : Select PAP Server " src="/images/fortinet/ipsec-xauth1.png" /><br><br> <li>Select the <b>User Group</b> configured in <b>Step 4</b> in User Group Dropdown.</li> <img class="img_size" alt="Fortinet MFA 2FA Multi-Factor / two factor authentication : Select Configured User Group" src="/images/fortinet/ipsec-xauth2.png" /><br><br> <li>Click on <b>Ok</b>.</li> </ul> </section> <section id="sslvpn-sec" class="vpn-setup-section ">  <ul class="authen_sub_bullets"> <li>Firstly setup a SSL-VPN . Click <a href="https://docs.fortinet.com/document/fortigate/6.0.0/cookbook/690301/configuring-the-ssl-vpn-tunnel" rel="nofollow" target="_blank">here</a> for more information.</li> <li>Navigate to <b>Policy & Objects >> IPV4 Policy</b>.<br><b>NOTE: </b>In some cases, there will only <b>Firewall Policy</b> option instead of IPV4 Policy</li> <li>Create/Edit the policy related to your SSL-VPN interface.</li> <li>Edit the Source, add the required address space and the Group that we configured in <a href="#step4">Step 4</a>.</li> <img class="img_size" alt="MFA 2FA Multi-Factor / two factor authentication for Fortinet : Firewall Policy" src="/images/fortinet/firewall_policy.png" /><br><br> <li>Click <b>OK</b> to <b>apply and save</b> the settings.</li> <li>Next, we will define Authentication/Portal Mapping.</li> <li>Navigate to <b>VPN >> SSL-VPN Settings</b>, and then go to the Authentication/Portal Mapping section</li> <li>Create a new or edit an existing mapping to grant access to the Firewall User Group that we created in <a href="#step4">Step 4</a>.</li> <img class="img_size" alt="MFA 2FA Multi-Factor / two factor authentication for Fortinet : Authentication/Portal Mapping" src="/images/fortinet/authentication_portal_mapping.png" /><br><br> <li>Click Apply and save the settings.</li> </ul> </section> </section> <h3 id="configure-fortinet-timeout" class="saml_heading_font">Configure the Fortinet Timeout with miniOrange RADIUS server</h3> <ul class="authen_sub_bullets"> <li>Fortinet Fortigate default <b>timeout</b> is 5 Seconds, which is <b>insufficient</b> while setting up MFA. We have to <b>reconfigure</b> the timeout to <b>30 Seconds</b>.</li> <li>So connect to the appliance CLI. </li> <li>And execute below commands in command line: <code> #config system global #set remoteauthtimeout 30 #end </code> </li> <img class="img_size" alt="MFA 2FA Multi-Factor /two-factor authentication for Fortinet : Command Line Interface" src="/images/fortinet/vpn-cli.png" /><br><br> </ul> <br><h3 id="step3" class="listas-sub saml_heading_font" data-navtext="3. Configure Your User Directory">3. Configure Your User Directory</h3> <p>miniOrange provides user authentication from various external sources, which can be <b>Directories</b> (like ADFS, Microsoft Active Directory, Microsoft Entra ID, OpenLDAP, Google, AWS Cognito etc), <b>Identity Providers</b> (like Okta, Shibboleth, Ping, OneLogin, KeyCloak), <b>Databases</b> (like MySQL, Maria DB, PostgreSQL) and <a href="/iam/login-with-external-idp/" target="_blank">many more</a>. You can configure your existing directory/user store or add users in miniOrange.</p> <div class="install-help-box margin-top-1"> <p><b>Note: </b>You can follow <a href="/iam/login-with-external-idp/radius-mfa-with-entra-id-using-oauth-passowrd-grant" target="_blank"><b>this guide</b></a>, if you want to configure Radius MFA with your users stored in Microsoft Entra ID using OAuth Password Grant.</p> </div><br> <section class="tab-style"> <section class="tabs tabs-style-underline"> <ul class="tab-des"> <li id="aduserstore" class="tab-us user-dir"><div class="tab-link"><span class="span-idp">Setup AD/LDAP as User Directory</div></li> <li id="moidp" class="tab-us user-dir tabs-default"><div class="tab-link"><span class="span-idp">Setup miniOrange as User Directory</span></div></li> </ul> </section><br>  <section id="aduserstore-section" class="user-directory-section"> <p>Configure your existing directories such as Microsoft Active Directory, Microsoft Entra ID, OpenLDAP, etc.</p> <ul class="authen_sub_bullets"> <li>Click on <b>External Directories >> Add Directory</b> in the left menu of the dashboard.</li> <img src="/images/common-template-saml-images/add-user-store.webp" class="img_size" alt=" 2FA: Configure User Store"><br/><br/> <li>Select <b>Directory</b> type as <b>AD/LDAP.</b></li> <img src="/images/common-template-saml-images/select-ad-ldap.webp" class="img_size" alt=" 2FA: Select AD/LDAP as user store"><br/><br/></p> <ol class="authen_sub_bullets"> <li><i><b>STORE LDAP CONFIGURATION IN MINIORANGE</b></i>: Choose this option if you want to keep your configuration in miniOrange. If active directory is behind a firewall, you will need to open the firewall to allow incoming requests to your AD.</li> <li><i><b>STORE LDAP CONFIGURATION ON PREMISE</b></i>: Choose this option if you want to keep your configuration in your premise and only allow access to AD inside premises. You will have to download and install <a href="/miniorange-ldap-gateway" target="_blank">miniOrange gateway</a> in your premise.</li> <img src="/images/common-template-saml-images/ldap-user-store.webp" class="img_size" alt=" Two-Factor Authentication : Select ad/ldap user store type" /><br id="menu4"><br><br> </ol> <li>Enter <b>LDAP Display Name</b> and <b>LDAP Identifier</b> name.</li> <li>Select <b>Directory Type</b> as <b>Active Directory</b>.</li> <li>Enter the LDAP Server URL or IP Address against <b>LDAP Server URL</b> field.</li> <li>Click on <b>Test Connection</b> button to verify if you have made a successful connection with your LDAP server.</li> <img src="/images/common-template-saml-images/test-ldap-connection.webp" class="img_size" alt=" MFA/2FA: Configure LDAP server URL Connection"/><br><br> <li>In Active Directory, go to the properties of user containers/OU's and search for <b>Distinguished Name attribute</b>.</li> <img src="/images/common-template-saml-images/adfs-distinguished-name.webp" class="img_size" alt=" MFA: Configure user bind account domain name"/><br><br> <li>Enter the valid Bind account Password.</li> <li>Click on <b>Test Bind Account Credentials</b> button to verify your LDAP Bind credentials for LDAP connection.</li> <img src="/images/common-template-saml-images/test-bind-account-credentials.webp" class="img_size" alt=" MFA: Check bind account credentials"/><br><br> <li><b>Search Base</b> is the location in the directory where the search for a user begins. You will get this from the same place you got your Distinguished name.</li> <img src="/images/common-template-saml-images/adfs-search-base.webp" class="img_size" alt=" 2FA : Configure user search base"/><br><br> <li>Select a suitable Search filter from the drop-down menu. If you use <b>User in Single Group Filter</b> or <b>User in Multiple Group Filter</b>, replace the <<b>group-dn</b>> in the search filter with the distinguished name of the group in which your users are present. To use custom Search Filter select <b>"Write your Custom Filter"</b> option and customize it accordingly.</li> <img src="/images/common-template-saml-images/adfs-search-filter.webp" class="img_size" alt=" MFA/2FA : Select user search filter"/><br><br> <li>You can also configure following options while setting up AD. Enable <b>Activate LDAP</b> in order to authenticate users from AD/LDAP. Click on the <b>Save</b> button to add user store.</li> <img src="/images/common-template-saml-images/ldap-options.webp" class="img_size" alt=" MFA : Activate LDAP options"/><br><br> <p>Here's the list of the attributes and what it does when we enable it. You can enable/disable accordingly.</p> <table id="attributes"> <tr> <th>Attribute</th> <th>Description</th> </tr> <tr> <td>Activate LDAP</td> <td>All user authentications will be done with LDAP credentials if you Activate it</td> </tr> <tr> <td>Sync users in miniOrange</td> <td>Users will be created in miniOrange after authentication with LDAP</td> </tr> <tr> <td>Fallback Authentication</td> <td>If LDAP credentials fail then user will be authenticated through miniOrange</td> </tr> <tr> <td>Allow users to change password</td> <td>This allows your users to change their password. It updates the new credentials in your LDAP server</td> </tr> <tr> <td>Enable administrator login</td> <td>On enabling this, your miniOrange Administrator login authenticates using your LDAP server</td> </tr> <tr> <td>Show IdP to users</td> <td>If you enable this option, this IdP will be visible to users</td> </tr> <tr> <td>Send Configured Attributes</td> <td>If you enable this option, then only the attributes configured below will be sent in attributes at the time of login</td> </tr> </table><br> <li>Click on <b>Save</b>. After this, it will show you the list of User stores. Click on <b>Test Connection</b> to check whether you have enter valid details. For that, it will ask for username and password.</li> <img src="/images/common-template-saml-images/ldap-test-connections.webp" class="img_size" alt=" 2FA: Test AD/Ldap connection"/><br><br> <li>On <b>Successful</b> connection with LDAP Server, a success message is shown.</li> <li>Click on <b>Test Attribute Mapping</b>.</li> <img src="/images/common-template-saml-images/attribute-mapping.webp" class="img_size" alt=" LDAP successful connection"/><br><br> <li>Enter a valid <b>Username</b>. Then, click on <b>Test</b>. Mapped Attributes corresponding to the user are <b>fetched</b>.</li> <img src="/images/common-template-saml-images/active-directory-fetched-attributes.webp" class="img_size" alt=" MFA: Fetch mapped attributes for user"/><br><br> <li>After successful Attribute Mapping Configuration, go back to the ldap configuration and enable <b>Activate LDAP</b> in order to authenticate users from AD/LDAP.</li> <p>Refer our <a href="/guide-to-setup-ldaps-on-windows-server" target="_blank">guide</a> to setup LDAPS on windows server.</p> </ul>  <h3 class="saml_heading_font"><b>User Import and Provisioning from AD</b></h3><br> <div class="install-help-box"><br> <p><b>Note: </b>Below steps are used to enable <b>one time or manual sync</b>. To enable sync on scheduled basis, you should use LDAP gateway module. <a href="/miniorange-ldap-gateway" target="_blank"><b>Read more and download</b></a> the LDAP gateway module.</p> </div> <br> <ul class="authen_sub_bullets"> <li>Go to <b>Settings >> Product Settings</b> in the Customer Admin Account.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet miniOrange dashboard" src="/images/template-images/switch-to-settings.webp" /><br><br> <li>Enable the "<b>Enable User Auto Registration</b>" option and click Save.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet Enable User Auto Registration" src="/images/common/enable-user-auto-register.webp" /><br><br> <li>(Optional) To send a welcome email to all the end users that will be imported, enable the "<b>Enable sending Welcome Emails after user registration</b>" option and click Save.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet Enable sending Welcome Emails after user registration" src="/images/common/enable-sending-welcome-emails-after-user-registration.webp" /><br><br> <li>From the Left-Side menu of the dashboard select <b>Provisioning</b>.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet User Sync/Provisioning " src="/images/vpn-template/vpn-user-sync.webp" /><br><br> <li>In <b>Setup Provisioning</b> tab select <b>Active Directory</b> in the Select Application drop-down.</li> <li>Toggle the <b>Import Users</b> tab, click on <b>Save</b> button.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet User Sync Active Directory Configuration" src="/images/template-images/ad-user-sync.webp" /><br><br> <li>On the same section, switch to <b>Import Users</b> section.</li> <li>Select <b>Active Directory</b> from the dropdown and click on the <b>Import Users</b> tab, to import all the users from Active Directory to miniOrange.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet User Sync Import Operation" src="/images/template-images/import-users.webp" /><br><br> <li>You can view all the Users you have imports by selecting <b>Users >> User List</b> from Left Panel.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet User List" src="/images/template-images/check-users-list.webp" /><br><br> <li>All the imported users will be auto registered.</li> <li>These groups will be helpful in adding multiple 2FA policies on the applications.</li> </ul> </section>  <section id="moidp-section" class="user-directory-section active-section"> <ul class="authen_sub_bullets"> <li>To add your users in miniOrange there are 2 ways: </li> <ul class="authen_sub_bullets"><ul> <p><a href="#create_user" class="linkcolor">1. Create User in miniOrange</a></p> <p><a href="#bulk_upload" class="linkcolor">2. Bulk Upload Users </a></p> </ul> </ul> <p class="subpoint" id="create_user"><b>1. Create User in miniOrange</b></p> <ul class="authen_sub_bullets"> <li>Click on <b>Users >> User List >> Add User</b>.</li> <img src="/images/common-template-saml-images/add-user.webp" class="img_size" alt=" VPN 2FA : Add user in miniOrange" /><br><br> <li>Here, fill the user details without the password and then click on the <b>Create User</b> button.</li> <img src="/images/common-template-saml-images/add-user-details.webp" class="img_size" alt=" MFA: Add user details" /><br><br> <li>After successful user creation a notification message <b>"An end user is added successfully"</b> will be displayed at the top of the dashboard.</li> <img src="/images/common-template-saml-images/user-added-successfully.webp" class="img_size" alt=" Two-Factor Authentication: Add user details" /><br><br> <li>Click on <b>Onboarding Status tab</b>. Check the email, with the registered e-mail id and select action <b>Send Activation Mail with Password Reset Link</b> from <b>Select Action</b> dropdown list and then click on <b>Apply</b> button.</li> <img src="/images/common-template-saml-images/email-action.webp" class="img_size" alt=" 2FA: Select email action" /><br><br> <li>Now, Open your email id. Open the mail you get from miniOrange and then click on the <b>link</b> to set your account password.</li> <li>On the next screen, enter the password and confirm password and then click on the <b>Single Sign-On (SSO) reset password</b> button.</li> <img src="/images/common-template-saml-images/reset-your-pwd.webp" class="img_size" alt=" Multi-Factor Authentication: Reset user password" /><br id="menu3"><br> <li>Now, you can log in into miniOrange account by entering your credentials.</li> </ul>  <p class="subpoint" id="bulk_upload"><b>2. Bulk Upload Users in miniOrange via Uploading CSV File.</b></p> <ul class="authen_sub_bullets"> <li>Navigate to <b>Users >> User List</b>. Click on <b>Add User</b> button.</li> <img src="/images/common-template-saml-images/user-list.webp" class="img_size" alt=" 2FA: Add users via bulk upload" /><br><br> <li>In Bulk User Registration <b>Download sample csv format</b> from our console and edit this csv file according to the instructions.</li> <img src="/images/common-template-saml-images/download-sample-file-csv.webp" class="img_size" alt=" Two-Factor authentication: Download sample csv file" /><br><br> <li>To bulk upload users, choose the file make sure it is in <b>comma separated .csv file format</b> then click on Upload.</li> <img src="/images/common-template-saml-images/bulk-upload-file.webp" class="img_size" alt=" 2FA : Bulk upload user" /><br><br> <li>After uploading the csv file successfully, you will see a success message with a link.</li> <li>Click on that link you will see list of users to send activation mail. Select users to send activation mail and click on Send Activation Mail. An activation mail will be sent to the selected users.</li> </ul> </section> </section> <br> <script> function supportreq(){ $('.support-form-container').show(); $('#support-form .what_you_looking_for').val('Technical Support'); } $(document).ready(function(){ $(".user-dir").css('border-bottom','1px solid #2c8686'); $("#aduserstore").css('border-bottom','4px solid #2c8686'); $(".user-directory-section").css('display','none'); $("#aduserstore-section").css('display','block'); $(".user-dir").click(function(){ $(".user-directory-section").css('display','none'); $("#" + $(this).attr('id') + "-section").css('display','block'); $(".user-dir").css('border-bottom','1px solid #2c8686'); $(this).css('border-bottom','4px solid #2c8686'); }); }); </script> <h3 id="create-user-group" class="saml_heading_font">Creating User Groups (Recommended)</h3> <section class="tab-style"> <section class="tabs tabs-style-underline"> <ul class="tab-des"> <li class="tab-us usr-grps adprovisioning tabs-default"><a class="tab-link"><span class="span-idp">AD user group</span></a></li> <li class="tab-us usr-grps moprovisioning"><a class="tab-link"><span class="span-idp">miniOrange user group</span></a></li> </ul> </section><br> <section id="adprovisioning-section" class="user-sync-section active-section"> <ul class="authen_sub_bullets"> <li>This step involves Importing the user group from the Active Directory and Provisioning them.</li> <li>Go to <b>Provisioning</b>. Switch to <b>Setup Provisioning</b> tab and select <b>Active Directory</b> from Dropdown menu.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet : Select Active Directory (AD)" src="/images/template-images/select-provisioning.webp" /><br><br> <li>Select <b>Group Provisioning/Deprovisioning</b> tab, and toggle on <b>Import Group</b> option.</li> <li>Enter the <b>Base DN</b> for group sync and click <b>Save</b>.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet : Enter BaseDN" src="/images/template-images/enter-basedn.webp" /><br><br> <li>If you want to dynamically allocate users to the groups present in the miniOrange, then enable <b>"Assign Users to groups"</b></li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet : Switch on import Group" src="/images/template-images/select-ad-group-provisioning.webp" /><br><br> <li>Now switch to <b>Import Groups</b> option and select <b>Active Directory</b> from which you want to import your users.</li> <li>Finally, click on <b>Import</b> button. Your group will be imported.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet : User group imported successfully" src="/images/template-images/ad-users-import.webp" /><br><br> <p><i> (The Active Directory Group Provisioning (Sync) setup is done. Now, whenever a user is created or modified in LDAP server and if the Assign Users to groups is enabled, then user group attribute from the LDAP server will be automatically synced and the user group will be assigned or changed accordingly in miniOrange.)</i></p> </ul> </section> <section id="moprovisioning-section" class="user-sync-section"> <ul class="authen_sub_bullets"> <li>Select <b>Groups >> Manage Groups</b> from left panel.</li> <li>Click on the <b>Create Group</b> button on the top.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet Manage Groups" src="/images/template-images/manage-groups.webp" /><br><br> <li>Enter an appropriate <b>Group Name</b> and click on <b>Create Group</b>.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet Create Groups" src="/images/template-images/create-group.webp" /><br><br> <li>In this guide we have created a Group by name <b>VPN_Group.</b></li> <li>Assign various members to the group using the <b>Assign User</b> option associated with the group in the groups list.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet User Assign" src="/images/template-images/assign-users.webp" /><br><br> <li>Select the Users that are required to be assigned to this group. Then Select <b>Assign to Group</b> in Select Action Dropdown and click on Apply button.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet Assignment to Group" src="/images/template-images/assign-users-to-group.webp" /><br><br> <li>These groups will be helpful in adding multiple <b>2FA policies</b> on the applications.</li> </ul> </section> </section> <br><br> <h3 id="step4" class="listas-sub saml_heading_font" data-navtext="4. Setup MFA for Fortinet">4. Setup MFA for Fortinet</h3> <div class="install-help-box"> <p><b>Note:</b> You can follow <a href="/iam/customize-mfa-for-end-users" target="_blank">this guide</a>, if you want to customize and enroll MFA for end users.</p> </div> <br> <ul class="authen_sub_bullets"> <li>Here, we will <b>configure a policy</b> for the User Group that we created in <a href="#create-user-group">this step</a> and associate it with the Fortinet VPN Application.</li> <li>Click on <b>Policies tab >> App Login Policy.</b></li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet App Authentication Policy" src="/images/template-images/select-app-login-policy.webp" /><br><br> <li>Click on <b>Add Policy tab</b>.</li> <li>In Application section, select the <b>TACACS App</b> that we configured earlier in Step 1.</li> <li>Select the required User Group in <b>Group Name</b> and enter the <b>Policy name</b>.</li> <li>In this guide, we will configure a <b>Password Only</b> policy for <b>"VPN_Group"</b>, so that only the VPN_Group members can access VPN Services without a Second Factor.</li> <li>Once done with the policy settings, click on <b>Save</b> to Add Policy.</li> <img class="img_size" alt="MFA/Two-Factor Authentication(2FA) for Fortinet App Add Policy" src="/images/vpn-template/save-vpn-policy.webp" /><br><br> </ul> <script> $(document).ready(function(){ $(".usr-grps").css('border-bottom','1px solid #2c8686'); $(".adprovisioning").css('border-bottom','4px solid #2c8686'); $(".aduserstore").css('border-bottom','4px solid #2c8686'); $(".user-sync-section").css('display','none'); $("#adprovisioning-section").css('display','block'); $(".adprovisioning").click(function(){ $(".user-sync-section").css('display','none'); $("#adprovisioning-section").css('display','block'); $(".moprovisioning").css('border-bottom','1px solid #2c8686'); $(".adprovisioning").css('border-bottom','4px solid #2c8686'); }); $(".moprovisioning").click(function(){ $(".user-sync-section").css('display','none'); $("#moprovisioning-section").css('display','block'); $(".adprovisioning").css('border-bottom','1px solid #2c8686'); $(".moprovisioning").css('border-bottom','4px solid #2c8686'); }); }); </script> <br> <h3 id="step5" class="listas-sub saml_heading_font" data-navtext="5. Test Fortinet MFA">5. Test Fortinet MFA</h3> <ul class="authen_sub_bullets"> <li>Download FortiClient from <a href="https://www.fortinet.com/" re="nofollow" target="_blank">www.forticlient.com</a>.</li> <li>Open the FortiClient Console and go to <b>Remote Access</b> > <b>Configure VPN</b>.</li> <li>Add a new connection:</li> <ul class="authen_sub_bullets"> <li>Set the connection name.</li> <li>Set Remote Gateway to <vpn_server_ip>.</li> <li>Select Customize Port and set it to 10443.</li> </ul> <li>Save your settings.</li>  <li>Login to Forticlient and enter <b>Username</b> and <b>Password</b>.</li> <img class="img_size" alt="MFA 2FA Multi-Factor / Two-Factor Authentication for Fortinet : Login to FortiClient" src="/images/fortinet/fortinet-vpn-login-console.png" /><br><br> <li>It will prompt for a <b>Second Factor Code</b> if you have Enabled 2-Factor Authentication in miniOrange Policy.</li> <img class="img_size" alt="MFA 2FA Multi-Factor / Two-Factor Authentication for Fortinet : Submit 2FA Code" src="/images/fortinet/fortinet-vpn-login-console-2fa.png" /><br><br> <li>Enter your <b>2-Factor Code</b> and you should be connected to the VPN.</li> <li><b>NOTE:</b> While configuring <b>IPSec VPN</b> connection in <b>FortiClient</b> make sure to use the <b>Pre-Shared key</b> of the IPSec Tunnel that was created <b><u>LAST</u></b>. Fortinet has issues if multiple IPSec Tunnels are present at <b>FortiGate</b> Server.</li> <li>On passing the valid credentials you can see the screen below:</li> <img class="img_size" alt="MFA 2FA Multi-Factor / Two-Factor Authentication for Fortinet : Forticlient VPN Login Success" src="/images/fortinet-vpn/fortinet-vpn-login-sucess.png" /><br><br> <li>If you enter an incorrect value you will be redirected to the below screen.</li> <img class="img_size" alt="MFA 2FA Multi-Factor / Two-Factor Authentication for Fortinet : Message if Login fails" src="/images/fortinet-vpn/fortinet-vpn-login-failure.png" /><br><br> </ul><br> <h3 id="troubleshooting" class="listas-main saml_heading_font" data-navtext="Troubleshooting">Troubleshooting</h3> <div class="panel-group" id="accordion"> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting1" class="d-block csr-ptr"> Error Message - Can't connect to Radius Server?<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting1" class="panel-collapse collapse"> <div class="panel-body"> <p><b>Cause</b>: Either the firewall has multiple outgoing IPs or Fortinet UI is not working.</p> <p><b>Solution</b>: Check for the configuration and use static ip for firewall and try test authentication using CLI.</p> <p>Enter the following command in CLI to test connection:</p> <code>#diagnose test authserver radius <server_name> <chap | pap | mschap | mschap2> <username> <password></code> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting2" class="d-block csr-ptr"> Steps to setup admin 2FA:<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting2" class="panel-collapse collapse"> <div class="panel-body"> <ul class="authen_sub_bullets"> <li>Login to Admin dashboard and click on <b>CLI icon (>_)</b>.</li> <img class="img_size" alt="Fortinet Multi-Factor Authentication (MFA/2FA) Two-Factor Authentication for CLI Troubleshooting" src="/images/fortinet-vpn/fortinet-cli.webp" /><br><br> <code><br>#config user radius<br>edit "<server_name>"<br>set server "<vpn_server_ip>"<br>set secret SUPERSECRETPASSWORD<br>set auth-type <chap | pap | mschap | mschap2><br>next<br>end </code> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting3" class="d-block csr-ptr">User group configuration with the Radius server user group:<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting3" class="panel-collapse collapse"> <div class="panel-body"> <code><br>#config user group<br>edit "radiusgroup"<br>set member "<server_name>"<br>config match<br>edit 1<br>set server-name "<server_name>"<br>set group-name "radiusgroup"<br>next<br>end<br>next<br>end </code> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting4" class="d-block csr-ptr">Local admin account configuration with the remote authentication and local backup password:<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting4" class="panel-collapse collapse"> <div class="panel-body"> <code><br>#config system admin<br>edit "radiusadmin"<br>set remote-auth enable<br>set accprofile "super_admin"<br>set vdom "root"<br>set remote-group "radiusgroup"<br>set password fortinetlocal<br>next<br>end<br> </code> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting5" class="d-block csr-ptr">How can I check RADIUS User audit logs in miniOrange admin dashboard?<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting5" class="panel-collapse collapse"> <div class="panel-body"> <ul class="authen_sub_bullets"> <li>Login to <a href="https://login.xecurify.com/moas/login" target="_blank">miniOrange Admin Dashboard</a>.</li> <li>Click on <b>Reports</b> >> <b>Radius User Authentication Report</b>.</li> <img class="img_size" alt="Fortinet Multi-Factor Authentication (MFA/2FA) Two-Factor Authentication : Authentication Reports" src="/images/vpn-template/radius-audit-reports.webp" /><br><br> <li>Enter <b>Enduser Identifier</b> and <b>Date range</b>.</li> <li>Click on <b>Search</b>.</li> <img class="img_size" alt="Fortinet Multi-Factor Authentication (MFA/2FA) Two-Factor Authentication : Enduser Authentication Logs" src="/images/vpn-template/radius-audit-logs.webp" /><br><br> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#troubleshooting6" class="d-block csr-ptr">Fortinet firewall admin CLI log in asking for reset password when logging with 2FA enabled<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="troubleshooting6" class="panel-collapse collapse"> <div class="panel-body"> <p><b>Cause</b>: This is because the server(from putty) does not read our 2FA challenge message.</p> <p><b>Solution</b>: Put received OTP in both New Password and Confirm Password.</p> </div> </div> </div> </div><br><br> <h3 id="faqs" class="listas-main saml_heading_font" data-navtext="FAQs">Frequently Asked Questions (FAQs)</h3> <div class="panel-group" id="accordion"> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#faq1" class="d-block csr-ptr">Does Fortinet VPN support MFA? <span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="faq1" class="panel-collapse collapse"> <div class="panel-body"> <p>Yes, Fortinet VPN supports <a href="/products/multi-factor-authentication-mfa"> MFA </a>. This includes integration with miniOrange, which offers a variety of over <a href="/products/multi-factor-authentication-mfa-methods"> 15 different MFA methods </a>. While FortiToken is an available option, many users find the diverse and robust MFA methods provided by miniOrange to be a comprehensive and cost-effective solution.</p> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#faq2" class="d-block csr-ptr">How to enable MFA in FortiGate?<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="faq2" class="panel-collapse collapse"> <div class="panel-body"> <p>To enable MFA in FortiGate, you need to configure FortiGate in the miniOrange Admin Console and set up the 2FA method for end users. miniOrange provides a robust solution, acting as a RADIUS server that validates users and prompts them for 2-factor authentication.<br> <b>Enabling MFA in FortiGate using miniOrange is easy. You need to:</b></p> <ul class="authen_bullets"> <li> Set up miniOrange as a RADIUS server.</li> <li> Configure user authentication.</li> <li> Enable 2-factor authentication.</li> <li> Test the setup.</li> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#faq3" class="d-block csr-ptr">Can I use Google Authenticator for FortiGate?<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> <p>Absolutely, Google Authenticator can be used with various platforms, including FortiGate. However, when it comes to versatility and user-friendly experience, miniOrange stands out with its support for Google Authenticator and other TOTP-based/OTP Login 2FA methods, enhancing security across multiple platforms.<br> </div> <div id="faq4" class="panel-collapse collapse"> <div class="panel-body"> <p>Depending on the <a href="/integrations/vpn-mfa-multi-factor-authentication">VPN client</a>, 2-factor authentication can take two forms..</p> <ul class="authen_bullets"> <li> VPN Clients that support RADIUS Challenge.</li> <li> VPN Clients that do not support RADIUS Challenge.</li> </ul> </div> </div> </div> <div class="panel panel-default"> <div class="panel-heading csr-ptr"> <h4 class="panel-title" data-toggle="collapse" data-parent="#accordion" data-target="#faq4" class="d-block csr-ptr">What are different 2FA methods for Fortinet supported by miniOrange?<span class="pull-right"> <i class="fas fa-chevron-down"></i> </span></h4> </div> <div id="faq4" class="panel-collapse collapse"> <div class="panel-body"> <p>miniOrange supports multiple <b>2FA/MFA authentication </b> methods for Fortinet secure access such as, <b>Push Notification, Soft Token, Microsoft / Google Authenticator etc</b>. <table id="methods" class="table table-striped table-bordered"> <tr><th>Authentication Type</th><th>Method</th><th>Supported</th></tr> <tr><td rowspan="2"><b>miniOrange Authenticator </b></td><td><b>Soft Token</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>miniOrange Push Notification </b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td rowspan="3"><b>Mobile Token </b></td><td><b>Google Authenticator </b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>Microsoft Authenticator </b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td> <tr><td><b>Authy Authenticator </b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td rowspan="2"><b>SMS</b></td><td><b>OTP Over SMS</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>SMS with Link</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></tr> <tr><td rowspan="2"><b>Email</b></td><td><b>OTP Over Email</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>Email with Link</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>Call Verification</b></td><td><b>OTP Over Call</b></td><td class="text-center"><span style="color: #00FF00;"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td rowspan="2"><b>Hardware Token </b></td><td><b>YubiKey Hardware Token</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> <tr><td><b>Display Hardware Token</b></td><td class="text-center"><span style="color: #4CAF50;"><i class="fa fa-check"></i></span></td></tr> </table> </div> </div> </div> </div><br><br> <h3 id="references" class="listas-main saml_heading_font" data-navtext="Further References">Further References</h3> <ul class="authen_sub_bullets"> <li><a href="/products/two-factor-authentication-(2fa)" target="_blank">What is Two-Factor Authentication (MFA) security & How does it work?</a></li> <li><a href="/iam/solutions/secure-network-devices" target="_blank">Secure Infrastructure Network Devices with MFA </a></li> <li><a href="/iam/solutions/vpn-mfa-multi-factor-authentication" target="_blank">How miniOrange provides MFA for all VPN clients?</a></li> <li><a href="/products/adaptive-multi-factor-authentication-mfa" target="_blank">What is Adaptive Multi-Factor Authentication?</a></li> <li><a href="/iam/solutions/ldap-mfa" target="_blank">What is LDAP MFA? How Does it Work?</a></li> <li><a href="/essential-eight-security" target="_blank">Essential 8 Security Compliance</a></li> </ul> </div> </div> </div> <div class="expand-wrapper" id="quote-box"> <div class="expand-opening-box"> <div class="sales-query-msg-model"> <span class="info-icon"> <i class="fas"></i>   </span> <span class="sales-demo-msg">' </span> </div> <p> <span class="prod-close-opening-box">x</span> </p> <form id="mo_external_contact_form"> <div class="col-md-6"> <label for="name">Name </label><span class="text-danger"> *</span> <input type="text" id="mo_external_contact_form_name" class="input-text" name="name" required /> </div> <div class="col-md-6"> <label for="email">Email </label><span class="text-danger"> *</span><br><input type="email" id="mo_external_contact_form_email" class="input-text" name="email" required="true" /><br><br> </div> <div class="col-md-6"> <div class="form-group" id="phoneFieldContainer"> <label for="phone">Phone</label> <div class="phone-container phone-container-row"> <div class="country-code-container country-code-container-row"> <input id="countryCodes" class="input-text country-code-format"> </div> <div class="phone-no-flex"> <input type="text" id="mo_external_contact_form_phone" class="input-text contact-no-field" placeholder="Phone Number" name="phone" maxlength="12" pattern="[\+]?[0-9]{1,4}[\s]?([0-9]{8,})?"> </div> </div> </div><br> </div> <div class='col-md-6'><label for='domain_user'>Number of Users</label><span class='text-danger'> *</span><br> <input type='text' pattern='\d+' id='usertier' data-mailkey='Number of Users' name='domain-user' class='mo_external_contact_form_extra_info input-text' required /><br><br> </div><br> <div class="col-md-12"> <label for="query">Query </label><br><textarea id="mo_external_contact_form_query" name="query" rows="8" cols="60" class="quote-form-box-query input-text"></textarea><br><br> <input class="btn prod-banner-btn" type="submit" name="sales_btn" value="Request a Quote" id="sales_submit_button" /> </div> </form> <p class="mo-idp-submit-success-msg" id="moExternalContactFormSuccessMsg"><i class="fas fa-check-circle text-success"></i>  Thank you for your response. We will get back to you soon.</p> <p class="mo-idp-submit-error-msg" id="moExternalContactFormErrorMsg">Please enter you work email-id</p> <input hidden id="mo_external_contact_form_look" value="Request A Quote"> </div> </div> <script> function supportreq(){ $('.support-form-container').show(); $('#support-form .what_you_looking_for').val('Sales Enquiry'); } $(document).ready(function() { jQuery(".country-code-format").intlTelInput(); jQuery('.country-code-format').prop('readonly', true); }); function moExternalContactFormSuccessMsg() { $("#moExternalContactFormSuccessMsg").show(), setTimeout(function () { $("#moExternalContactFormSuccessMsg").hide(); }, 5e3), $("#moExternalContactFormErrorMsg").hide(), setTimeout(function () { window.location.reload(); }, 2e3); } function moExternalContactFormErrorMsg() { $("#moExternalContactFormErrorMsg").show(), setTimeout(function () { $("#moExternalContactFormErrorMsg").hide(); }, 5e3), $("#moExternalContactFormSuccessMsg").hide(); resetValues(); } function resetValues() { document.getElementById('mo_external_contact_form_email').value = ''; } function openuserform() { $('.expand-wrapper').show(); } $('.prod-close-opening-box').click(function() { $('.expand-wrapper').fadeOut(); }); </script>  <script src='https://www.google.com/recaptcha/api.js'></script> <script> $.getScript("https://www.google.com/recaptcha/api.js"); window.onload = function() { var $recaptcha = document.querySelector('#g-recaptcha-response'); if ($recaptcha) { $recaptcha.setAttribute("required", "required"); $recaptcha.setAttribute('aria-label', 'Captcha verification'); } }; </script> <style> #g-recaptcha-response { display: block !important; position: absolute; margin: -78px 0 0 0 !important; width: 302px !important; height: 76px !important; z-index: -999999; opacity: 0; } </style>  <script src="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/js/bootstrap-datepicker.min.js" integrity="sha512-T/tUfKSV1bihCnd+MxKD0Hm1uBBroVYBOYSk1knyvQ9VyZJpc/ALb4P0r6ubwVPSGB2GvjeoMAJJImBG12TiaQ==" crossorigin="anonymous" referrerpolicy="no-referrer"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.13.0/moment.min.js"></script> <script src="https://cdnjs.cloudflare.com/ajax/libs/moment-timezone/0.5.3/moment-timezone-with-data.min.js"></script> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker.min.css" integrity="sha512-mSYUmp1HYZDFaVKK//63EcZq4iFWFjxSL+Z3T/aCt4IO9Cejm03q3NKKYN6pFQzY0SBOr8h+eCIAZHPXcpZaNw==" crossorigin="anonymous" referrerpolicy="no-referrer" /> <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/bootstrap-datepicker/1.9.0/css/bootstrap-datepicker.standalone.min.css" integrity="sha512-TQQ3J4WkE/rwojNFo6OJdyu6G8Xe9z8rMrlF9y7xpFbQfW5g8aSWcygCQ4vqRiJqFsDsE1T6MoAOMJkFXlrI9A==" crossorigin="anonymous" referrerpolicy="no-referrer" /> <div class="row background-img-dot"> <div class="container" id="request-demo-section"> <div class="request-demo-wrapper"> <h2 class="request-demo-heading" id="request-demo" style="margin-top:50px;">Want To Schedule A Demo?</h2> <div class="request-demo-card"> <div class="col-md-5"> <img src="/images/product-page/request-demo-banner.webp" height="380px" width="auto" alt="Request a Demo" loading="lazy"> </div> <div class="col-md-7"> <div class="request-demo-msg-modal"> <span class="info-icon"><i class="fas"></i>  </span> <span class="request-demo-msg"></span> </div> <form method="POST" action="" class="request_demo_form" id="request_demo_form"> <div class="form-group contact-column"> <label>Work Email <span class="text-danger">*</span></label> <input aria-label="Work Email" type="email" name="contact_email" id="request_demo_email" required="true" placeholder="Enter valid email" class="form-control bft-textarea"> </div><br> <div class="form-group contact-column" id="phoneFieldContainer"> <label for="phone"> <p><b>Phone*</b></p> </label> <div class="phone-container"> <div class="country-code-container"> <input aria-label="Country Code" id="countryCodes" class="field-label-text country-codes-format form-control bft-textarea"> </div> <div class="phone-no-flex"> <input aria-label="Phone Number" type="tel" id="request_demo_phone" class="field-label-text phone-container-field form-control bft-textarea" placeholder="Phone Number" name="phone" required pattern="[\+]?[0-9\s\-]{1,15}" maxlength="15"> </div> </div> </div><br> <div class="form-group contact-column"> <label for="checkin" class="field-label">Book your time slot</label><br> <div class="book-slot-section"> <div class="datetime-input"> <label for="checkin" class="field prepend-icon"> <input aria-label="Calendar" type="datetime-local" id="checkin" max="2100-12-31T23:59" name="calendar" onclick="this.showPicker()" class="gui-input form-control bft-textarea" placeholder="mm/dd/yyyy"> </div> <div class="timezone-input"> <select aria-label="Timezone" class="form-control bft-textarea" id="dropdownTimeZone"></select> </div> </div> </label> </div> <div class="g-recaptcha" id="rcaptcha" data-sitekey="6LdxQgUhAAAAALdpow7WAwz8AWa9wWmKICf3650N"></div> <span id="captcha" style="color:red;"></span>  <input aria-label="Submit Request Demo" class="btn prod-banner-btn" type="submit" name="request_demo_btn" value="Request Demo" id="request_demo_submit_button" /> </form> </div> </div> </div> </div> </div> <style> </style> <script> var invalid = false; $(document).ready(function() { $(".country-codes-format").intlTelInput(); $(".country-codes-format").prop('readonly', true); $(".country-codes-format").addClass("form-control[readonly]"); $('#request_demo_email').on('keyup', function() { var email = $(this).val().toLowerCase(); if (email.endsWith("@gmail.com") || email.endsWith('@yahoo.com') || email.endsWith('@hotmail.com') || email.endsWith('@protonmail.com') || email.endsWith('@yahoo.co.in') || email.endsWith('@outlook.com')) { fail(); invalid = true; } else if (invalid) { $('.request-demo-msg-modal').slideToggle("slow", "linear"); invalid = false; } }); }); function isValidEmail(email) { if (email.toLowerCase().endsWith("@gmail.com") || email.toLowerCase().endsWith('@yahoo.com') || email.toLowerCase().endsWith('@hotmail.com') || email.toLowerCase().endsWith('@protonmail.com') || email.toLowerCase().endsWith('@yahoo.co.in') || email.toLowerCase().endsWith('@outlook.com')) { fail(); } return true; } function success() { $('.request-demo-wrapper .request-demo-msg-modal').removeClass('text-danger bg-danger'); $('.request-demo-wrapper .request-demo-msg-modal').addClass('text-success bg-success'); $('.request-demo-wrapper .request-demo-msg-modal i').removeClass('fa-info-circle'); $('.request-demo-wrapper .request-demo-msg-modal i').addClass('fa-check-circle'); $('.request-demo-wrapper .request-demo-msg-modal .request-demo-msg').text('Thank you for reaching out to us. We will get back to you soon.'); $('.request-demo-msg-modal').hide(); $('.request-demo-msg-modal').slideToggle("slow", "linear"); $('#request_demo_email,#request_demo_phone').val(''); setTimeout(function() { $('#checkin').val(''); }, 200); setTimeout(function() { loadTimeZoneList(); }, 50); // setTimeout(function(){$('.request-demo-msg-modal').slideToggle("slow","linear");},3000); } function fail() { $('.request-demo-wrapper .request-demo-msg-modal').removeClass('text-success bg-success'); $('.request-demo-wrapper .request-demo-msg-modal').addClass('text-danger bg-danger'); $('.request-demo-wrapper .request-demo-msg-modal i').removeClass('fa-check-circle'); $('.request-demo-wrapper .request-demo-msg-modal i').addClass('fa-info-circle'); $('#request_demo_email').val(''); $('.request-demo-wrapper .request-demo-msg-modal .request-demo-msg').text('Please use Your Business Email.'); if (!invalid) $('.request-demo-msg-modal').slideToggle("slow", "linear"); // setTimeout(function(){$('.request-demo-msg-modal').slideToggle("slow","linear");},3000); } </script> <script> var next_day = new Date(new Date().setDate(new Date().getDate() + 1)).toISOString().slice(0, 16); var final = parseInt(next_day); document.getElementsByName("calendar")[0].min = next_day; function loadTimeZoneList() { let select = document.getElementById("dropdownTimeZone"); select.innerHTML = ""; let browserTimeZone = moment.tz.guess(); let timeZones = moment.tz.names(); timeZones.forEach((timeZone) => { option = document.createElement("option"); option.textContent = `${timeZone} (GMT${moment.tz(timeZone).format('Z')})`; option.value = timeZone; if (timeZone == browserTimeZone) { option.selected = true; } select.appendChild(option); }); } function init() { loadTimeZoneList(); } init(); </script> <div class="compare-box"> <p class="h1 other-prod-main-heading">Our Other Identity & Access Management Products</p> <div class="other-prod-box"> <div class="other-prod-section"> <a href="/products/single-sign-on-sso"> <div class="other-product-box"> <span class="fa-stack fa-2x"> <i class="fa fa-circle-thin fa-stack-2x"></i> <i class="fas fa-sitemap other-prod-icon fa-stack-1x"></i> </span> </div> <h4 class="other-prod-heading">Single Sign-On</h4> <p class="other-prod-text">Seamless login for workforce and customer identity to cloud or on-premise apps</p> <span class="other-prod-link">Learn more</span> </a> </div> <div class="other-prod-section"> <a href="/products/multi-factor-authentication-mfa"> <div class="other-product-box"> <span class="fa-stack fa-2x"> <i class="fa fa-circle-thin fa-stack-2x"></i> <i class="fas fa-fingerprint other-prod-icon fa-stack-1x"></i> </span> </div> <h4 class="other-prod-heading">Multi-factor Authentication</h4> <p class="other-prod-text">Secure access for identities with an additional layer of authentication</p> <span class="other-prod-link">Learn more</span> </a> </div> <div class="other-prod-section"> <a href="/products/adaptive-multi-factor-authentication-mfa"> <div class="other-product-box"> <span class="fa-stack fa-2x"> <i class="fa fa-circle-thin fa-stack-2x"></i> <i class="far fa-comment-dots other-prod-icon fa-stack-1x"></i> </span> </div> <h4 class="other-prod-heading">Adaptive Authentication</h4> <p class="other-prod-text">Block or grant user access based on IP, Device, Time & Location</p> <span class="other-prod-link">Learn more</span> </a> </div> <div class="other-prod-section"> <a href="/products/user-provisioning"> <div class="other-product-box"> <span class="fa-stack fa-2x"> <i class="fa fa-circle-thin fa-stack-2x"></i> <i class="fas fa-user-plus other-prod-icon fa-stack-1x"></i> </span> </div> <h4 class="other-prod-heading">Lifecycle Management</h4> <p class="other-prod-text">Manage & automate user provisioning and deprovisioning to apps</p> <span class="other-prod-link">Learn More</span> </a> </div> </div> </div><footer id="footerId" class="footer-main-container"> <nav class="footer-main"> <div class="footer-container"> <div class="row"> <div class="col-md-12 col-xs-12 col-sm-12"> <div class="col-md-3 col-xs-12 col-sm-12"> <img class="mo-footer" src="/images/footer/miniorange-white.webp" alt="miniorange logo"> <div class="left-most-outer-containe margin-top-1"> <div class="margin-top-1"> <div class="footer-inner-phone-details"> <span class="fa fa-phone"></span> </div> <div> <p class="footer-phone-text">+1 978 658 9387 (US)<br>+91 97178 45846 (India)</p> </div> </div> <div> <div class="footer-email-details"> <span class="fa fa-envelope"></span> </div> <div class="footer-email-text"> <p><a href="mailto:info@xecurify.com">info@xecurify.com</a></p> </div> </div> <button class="btn primary-btn" onclick="location.href='/contact'">Contact Us  <img src="/images/iam-icons/arrow-right.svg" class="mo-footer-contact-arrow" alt="Arrow right"></button> <div class="margin-top-1"> <h4 class="footer-stay-connected margin-top-1">STAY CONNECTED</h4> <a href="https://www.linkedin.com/company/miniorange" title="Linkedin" rel="noreferer, noopener" target="_blank" class="footer-text-decoration"> <span class="fa-stack social-icon-outer-font"><img src="/images/footer/linkedin.svg" alt="LinkedIn"></span></a> <a href="https://www.youtube.com/channel/UCxQuL2JNo8HA4baZSIjcgRg" title="YouTube" rel="noreferer, noopener" target="_blank" class="footer-text-decoration"> <span class="fa-stack social-icon-outer-font"> <img src="/images/footer/youtube.svg" alt="YouTube"> </span></a> <a href="https://twitter.com/miniOrange_Inc" title="Twitter" target="_blank" rel="noreferer, noopener" class="footer-text-decoration"> <span class="fa-stack social-icon-outer-font"> <img src="/images/footer/x-twitter.svg" alt="X Twitter"> </span></a> <a href="https://www.facebook.com/miniorangeinc/" title="Facebook" rel="noreferer, noopener" target="_blank" class="footer-text-decoration"> <span class="fa-stack social-icon-outer-font"> <img src="/images/footer/facebook.svg" alt="Facebook"> </span></a> <a href="https://www.instagram.com/miniorange_security/" title="Instagram" rel="noreferer, noopener" target="_blank" class="footer-text-decoration"> <span class="fa-stack social-icon-outer-font"> <img src="/images/footer/instagram.svg" alt="Instagram"> </span></a> </div> </div> </div> <div class="col-md-9 col-xs-12 col-sm-12 margin-top-1"> <div class="col-md-12"> <div class="col-md-5"> <p class="footer-item-heading">Products</p> <ul class="footer-main-sub-items"> <li><a href="/iam">Identity & Access Management</a></li> <li><a href="/iam/customer-identity-access-management-ciam">Customer Identity & Access Management</a></li> <li><a href="/products/privileged-access-management-pam">Privileged Access Management</a></li> <li><a href="/casb">Cloud Access Security Broker</a></li> <li><a href="/products/access-gateway">Access Gateway</a></li> </ul> </div> <div class="col-md-2"> <p class="footer-item-heading">Plugins</p> <ul class="footer-main-sub-items"> <li><a href="https://plugins.miniorange.com/wordpress" target="_blank" class="footer-text-decoration">WordPress</a></li> <li><a href="https://www.miniorange.com/atlassian" target="_blank" class="footer-text-decoration">Atlassion</a></li> <li><a href="https://plugins.miniorange.com/shopify" target="_blank" class="footer-text-decoration">Shopify</a></li> <li><a href="https://plugins.miniorange.com/drupal" target="_blank" class="footer-text-decoration">Drupal</a></li> <li><a href="https://plugins.miniorange.com/joomla" target="_blank" class="footer-text-decoration">Joomla</a></li> <li><a href="https://plugins.miniorange.com/magento" target="_blank" class="footer-text-decoration">Magento</a></li> <li><a href="https://plugins.miniorange.com/moodle" target="_blank" class="footer-text-decoration">Moodle</a></li> </ul> </div> <div class="col-md-2"> <p class="footer-item-heading">Company</p> <ul class="footer-main-sub-items"> <li><a href="/about_us" target="_blank" class="footer-text-decoration">Our Story</a></li> <li><a href="/iam/why-miniorange" target="_blank" class="footer-text-decoration">Why Us</a></li> <li><a href="/newsandevents" target="_blank" class="footer-text-decoration">News</a></li> <li><a href="/career" target="_blank" class="footer-text-decoration">Careers</a></li> <li><a href="/iam/partners" target="_blank" class="footer-text-decoration">Partners</a></li> <li><a href="/customers" target="_blank" class="footer-text-decoration">Customers</a></li> </ul> </div> <div class="col-md-3"> <p class="footer-item-heading">Help and Support</p> <ul class="footer-main-sub-items"> <li><a href="https://faq.miniorange.com" target="_blank" class="footer-text-decoration">Frequently Asked Questions</a></li> <li><a href="/contact" target="_blank" class="footer-text-decoration">Contact Us</a></li> <li><a href="https://forum.miniorange.com" target="_blank" class="footer-text-decoration">Forum</a></li> <li><a href="https://developers.miniorange.com" target="_blank" class="footer-text-decoration">Developer Docs</a></li> </ul> <p class="footer-item-heading pd-tp-tw">Resources</p> <ul class="footer-main-sub-items"> <li><a href="https://www.youtube.com/channel/UCxQuL2JNo8HA4baZSIjcgRg" rel="noreferer, noopener" target="_blank" class="footer-text-decoration">Videos</a></li> <li><a href="/blog" target="_blank" class="footer-text-decoration">Blogs</a></li> <li><a href="/iam/webinar" target="_blank" class="footer-text-decoration">Webinars</a></li> </ul> </div> </div> </div> </div> </div> <div class="pd-tp-tw"></div> </div> </nav> <section class="mo-footer-copyright"> <div class="footer-container text-center"> <span> © Copyright  2024  miniOrange Security Software Pvt Ltd. All Rights Reserved. <a href="/disclaimer" target="_blank" class="social-icon-color disclaimer-text">Disclaimer</a></span> </div> </section> <a href="javascript:" id="return-to-top"><i class="glyphicon glyphicon-chevron-up"></i></a> </footer>   <script src="/js/jquery.min.js"></script> <script src="https://maxcdn.bootstrapcdn.com/bootstrap/3.4.0/js/bootstrap.min.js"></script> <script async type="text/javascript" src="/js/bootstrap-scrollspy.min.js"></script> <script type="text/javascript" src="/js/image-enlarge.min.js"></script> <script type="text/javascript" src="/js/support-form.min.js?ver=3.2"></script> <script type="text/javascript" src="/js/responsive.min.js"></script> <script type="text/javascript" src="/js/right_nav.min.js?ver=0.5"></script> <script type="text/javascript" src="/js/bootstrap.min.js"></script>  <script async type="text/javascript" src="/js/holder.min.js"></script> <script type="text/javascript" src="/js/intlTelInput.min.js"></script> <script> $(window).scroll(function() { if ($(this).scrollTop() >= 50) { // If page is scrolled more than 50px $('#return-to-top').fadeIn(200); // Fade in the arrow } else { $('#return-to-top').fadeOut(200); // Else fade out the arrow } }); $('#return-to-top').click(function() { // When arrow is clicked $('body,html').animate({ scrollTop : 0 // Scroll to top of body }, 500); }); //End of Back to Top Button Script </script> <script> function openUseCase() { var a = document.forms["myForm"]["entry.428130736"].value; var b = document.forms["myForm"]["entry.1436371876"].value; var c = document.forms["myForm"]["entry.1743623830"].value; var d = document.forms["myForm"]["entry.840812124"].value; if (a==null || a=="") { } else if(b==null || b==""){ } else if(c==null || c==""){ } else if(d==null || d==""){ } else{ window.open('usecases/' + document.getElementById('entry_726395439').value); } } </script> <style id="antiClickjack"> body{display:none !important;} </style> <script type="text/javascript"> if (self === top) { var antiClickjack = document.getElementById("antiClickjack"); antiClickjack.parentNode.removeChild(antiClickjack); } else { top.location = self.location; } </script>  </body> </html> <script> function showTechnicalSupport(){ $('.support-form-container').show(); $('#support-form .what_you_looking_for').val('Technical Support'); } $(document).ready(function() { $(".vpn-tab").css('border-bottom', '1px solid #2c8686'); $(".ipsec-section").css('border-bottom', '4px solid #2c8686'); $(".vpn-setup-section").css('display', 'none'); $("#ipsec-sec").css('display', 'block'); $(".ipsec-section").click(function() { $(".vpn-setup-section").css('display', 'none'); $("#ipsec-sec").css('display', 'block'); $(".tab-us").css('border-bottom', '1px solid #2c8686'); $(".ipsec-section").css('border-bottom', '4px solid #2c8686'); }); $(".sslvpn-section").click(function() { $(".vpn-setup-section").css('display', 'none'); $("#sslvpn-sec").css('display', 'block'); $(".tab-us").css('border-bottom', '1px solid #2c8686'); $(".sslvpn-section").css('border-bottom', '4px solid #2c8686'); }); }); </script>

CINXE.COM

Multi-Factor Authentication (MFA) for Fortinet Fortigate VPN via RADIUS