Fortinet black logo

2FA Script Deployment Guide

Home FortiADC 5.4.1 2FA Script Deployment Guide
5.4.1
7.4.0
5.4.1
5.4.0

Deploying the FortiADC-VM

Deploying FortiADC-VM on 2FA Script

Step 1: Create a tokengroup

FortiADC-VM # config system tokengroup

FortiADC-VM (tokengroup) # edit 1

FortiADC-VM (1) # end

FortiADC-VM #

Step 2: Configure the pre-defined script

  1. TWO_STEP_VERIFICATION
  2. TWO_STEP_VERIFICATION_2_SAME

The keys of the parameter:

  • AUTH_ROOT_PATH—The authentication folder under "User Authentication" settings. One is for the form method and the other for the basic.
  • TG_NAME —Use the tokengroup entry from Step 1.

Step 3: Link these scripts to the VS

Step 4: Link the tokengroup to the VS.

FortiADC-VM # config load-balance virtual-server

FortiADC-VM (virtual-server) # edit http-60

FortiADC-VM (http-60) # set token-group-list 1

FortiADC-VM (http-60) # end

FortiADC-VM #

Step 5: Access the my2f page from client.

1. Access the VS page under AUTH_ROOT_PATH/my2f and input the correct user/passwd.

2. Input the password again.

3. You will see the 2FA summary page.

Step 6: Try to turn on the 2FA feature by user account.

1. Click the Turn-on or Change 2-Step Verification to turn on the feature.

2. Will require to scan a QR code to input the information on the APP.

3. Input the token for confirmation.

4. Check if the status is ON on the my2f page.

Step 7: Verify the 2FA feature is enabled under AUTH_ROOT_PATH folder

1. Access the page http://VS/form/index.htm

2. Input the username and password.

3. Input the token for the 2FA verification.

4. You will see the index.htm content.

Previous
Next

Deploying FortiADC-VM on 2FA Script

Step 1: Create a tokengroup

FortiADC-VM # config system tokengroup

FortiADC-VM (tokengroup) # edit 1

FortiADC-VM (1) # end

FortiADC-VM #

Step 2: Configure the pre-defined script

  1. TWO_STEP_VERIFICATION
  2. TWO_STEP_VERIFICATION_2_SAME

The keys of the parameter:

  • AUTH_ROOT_PATH—The authentication folder under "User Authentication" settings. One is for the form method and the other for the basic.
  • TG_NAME —Use the tokengroup entry from Step 1.

Step 3: Link these scripts to the VS

Step 4: Link the tokengroup to the VS.

FortiADC-VM # config load-balance virtual-server

FortiADC-VM (virtual-server) # edit http-60

FortiADC-VM (http-60) # set token-group-list 1

FortiADC-VM (http-60) # end

FortiADC-VM #

Step 5: Access the my2f page from client.

1. Access the VS page under AUTH_ROOT_PATH/my2f and input the correct user/passwd.

2. Input the password again.

3. You will see the 2FA summary page.

Step 6: Try to turn on the 2FA feature by user account.

1. Click the Turn-on or Change 2-Step Verification to turn on the feature.

2. Will require to scan a QR code to input the information on the APP.

3. Input the token for confirmation.

4. Check if the status is ON on the my2f page.

Step 7: Verify the 2FA feature is enabled under AUTH_ROOT_PATH folder

1. Access the page http://VS/form/index.htm

2. Input the username and password.

3. Input the token for the 2FA verification.

4. You will see the index.htm content.

Previous
Next