Skip to Content

Solved: How do I configure SSL VPN bookmark with Single Sign-On?

By: Author Alex Lim

Posted on  - Last updated:

Categories Troubleshooting

Table of Contents

Description

This article describes how to configure SSL VPN web portal in web mode and predefines a bookmark with Single Sign-On.

Scope

FortiGate.

Solution

In FortiGate SSL VPN Web Mode integrated with Active Directory Authentication, the user established the SSL VPN tunnel via Web browser, then the user uses the same Active Directory credentials to access the internal application, and no need to log in to the application again.

Sample configuration:

edit "web-access"
set tunnel-mode disable
set web-mode enable
set allow-user-access web rdp
set limit-user-logins disable
set display-bookmark enable
set user-bookmark enable
set user-group-bookmark enable

# config bookmark-group
edit "gui-bookmarks"
config bookmarks
edit "10.1.1.1"
set apptype web
set description ''
set url "https://10.1.1.1"
set sso auto
set sso-credential sslvpn-login
set sso-credential-sent-once disable
next

Note: This is not supported in SSL VPN Tunnel mode .