Just as fyi, the SSO for Fortigate does work and sends user/group and ip. Have this working on Fortigate and PF.
Chris Burrell Head of Network ______________________________________ D: 087 805 1588 | M: 083 333 8414 A: Rutherford Estate, 1 Scott Street, Waverley, Johannesburg chris.burr...@voxtelecom.co.za www.vox.co.za From: Durand fabrice via PacketFence-users <packetfence-users@lists.sourceforge.net> Reply-To: "packetfence-users@lists.sourceforge.net" <packetfence-users@lists.sourceforge.net> Date: Friday, 08 February 2019 at 04:04 To: "packetfence-users@lists.sourceforge.net" <packetfence-users@lists.sourceforge.net> Cc: Durand fabrice <fdur...@inverse.ca> Subject: Re: [PacketFence-users] Packet Fence SSO with VPN Radius Hello Etienne, i am working on the support of the VPN and ASA in PacketFence and in the ciscoVSA attribute in the radius request there is the mac and the ip address of the device (tunnel ip and external ip). So it should be possible to trigger the sso based on that. For the fortigate i don't know, i did some test and the only thing i can see is the username and password in the radius request but no information about the device. Regards Fabrice Le 19-02-07 à 13 h 29, Etienne Vella via PacketFence-users a écrit : Hi, In previous versions of packet fence I know that it wasn't able to send SSO when a user logs in via VPN using a fortigate or ASA firewall, as the DHCP isn't captured. do you know if there was some developments on this regards or work around? _______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net<mailto:PacketFence-users@lists.sourceforge.net> https://lists.sourceforge.net/lists/listinfo/packetfence-users<https://lists.sourceforge.net/lists/listinfo/packetfence-users>
_______________________________________________ PacketFence-users mailing list PacketFence-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/packetfence-users
