Fortinet black logo

CLI Reference

6.0.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.8
7.2.7
7.2.6
7.2.5
7.2.4
7.2.3
7.2.2
7.2.1
7.2.0
7.0.15
7.0.14
7.0.13
7.0.12
7.0.11
7.0.10
7.0.9
7.0.8
7.0.7
7.0.6
7.0.5
7.0.4
7.0.3
7.0.2
7.0.1
7.0.0
6.4.15
6.4.14
6.4.13
6.4.12
6.4.11
6.4.10
6.4.9
6.4.8
6.4.7
6.4.6
6.4.5
6.4.4
6.4.3
6.4.2
6.4.1
6.4.0
6.2.16
6.2.15
6.2.14
6.2.13
6.2.12
6.2.11
6.2.10
6.2.9
6.2.8
6.2.7
6.2.6
6.2.5
6.2.4
6.2.3
6.2.2
6.2.1
6.0.0
5.6.0
5.4.0
5.2.0
5.0.0

fortitoken

fortitoken

Use these commands to activate and synchronize a FortiToken device. FortiToken devices are used in two-factor authentication of administrator and user account logons. The device generates a random six-digit code that you enter during the logon process along with user name and password.

Before they can be used to authenticate account logins, FortiToken devices must be activated with the FortiGuard service. When successfully activated, the status of the FortiToken device will change from New to Active.

Synchronization is sometimes needed due to the internal clock drift of the FortiToken device. It is not unusual for new FortiToken units to require synchronization before being put into service. Synchronization is accomplished by entering two sequential codes provided by the FortiToken.

Syntax

To activate one or more FortiToken devices

execute fortitoken activate <serial_number> [serial_number2 ... serial_numbern]

execute fortitoken activate  Activate FortiToken(s) with FortiGuard.
        {id}   FortiToken ID.
            {id}   FortiToken ID.
                {id}   FortiToken ID.
                    {id}   FortiToken ID.
                        {id}   FortiToken ID.
                            {id}   FortiToken ID.
                                {id}   FortiToken ID.
                                    {id}   FortiToken ID.
                                        {id}   FortiToken ID.
                                            {id}   FortiToken ID.
                                                {id}   FortiToken ID.
                                                    {id}   FortiToken ID.
                                                        {id}   FortiToken ID.
                                                            {id}   FortiToken ID.
                                                                {id}   FortiToken ID.
                                                                    {id}   FortiToken ID.
                                                                        {id}   FortiToken ID.
                                                                            {id}   FortiToken ID.
                                                                                {id}   FortiToken ID.
                                                                                    {id}   FortiToken ID.
To import FortiToken OTP seeds from an FTP server
execute fortitoken import ftp  Import FortiToken seeds file from FTP server.
        {file name}   FortiToken seeds file name.
            {ip}[:ftp port]   IP address of server, can also include port.
                {Enter}|{user}   FTP username may be needed.
                    {passwd}   FTP password.
To import FortiToken OTP seeds from a TFTP server
execute fortitoken import tftp  Import FortiToken seeds file from TFTP server.
        {file name}   FortiToken seeds file name.
            {ip}   IP address of server.
To import FortiToken OTP seeds from an external USB disk
execute fortitoken import usb  Import FortiToken seeds file from USB drive.
        {file name}   FortiToken seeds file name.
To import a set of FortiToken serial numbers
execute fortitoken import-sn-file  Import FTK_200 serial number from FortiCare.
        {FTK_200 Serial Number}   FTK_200 serial number.

FortiCare returns a set of 200 serial numbers that are in the same serial number range as the specified FortiToken device.

To synchronize a FortiToken
execute fortitoken sync  Synchronize FortiToken by adjusting for drift of internal clock.
        {id}   FortiToken ID.
            {code}   FortiToken code.
                {next code}   Next FortiToken code.
Previous
Next

fortitoken

Use these commands to activate and synchronize a FortiToken device. FortiToken devices are used in two-factor authentication of administrator and user account logons. The device generates a random six-digit code that you enter during the logon process along with user name and password.

Before they can be used to authenticate account logins, FortiToken devices must be activated with the FortiGuard service. When successfully activated, the status of the FortiToken device will change from New to Active.

Synchronization is sometimes needed due to the internal clock drift of the FortiToken device. It is not unusual for new FortiToken units to require synchronization before being put into service. Synchronization is accomplished by entering two sequential codes provided by the FortiToken.

Syntax

To activate one or more FortiToken devices

execute fortitoken activate <serial_number> [serial_number2 ... serial_numbern]

execute fortitoken activate  Activate FortiToken(s) with FortiGuard.
        {id}   FortiToken ID.
            {id}   FortiToken ID.
                {id}   FortiToken ID.
                    {id}   FortiToken ID.
                        {id}   FortiToken ID.
                            {id}   FortiToken ID.
                                {id}   FortiToken ID.
                                    {id}   FortiToken ID.
                                        {id}   FortiToken ID.
                                            {id}   FortiToken ID.
                                                {id}   FortiToken ID.
                                                    {id}   FortiToken ID.
                                                        {id}   FortiToken ID.
                                                            {id}   FortiToken ID.
                                                                {id}   FortiToken ID.
                                                                    {id}   FortiToken ID.
                                                                        {id}   FortiToken ID.
                                                                            {id}   FortiToken ID.
                                                                                {id}   FortiToken ID.
                                                                                    {id}   FortiToken ID.
To import FortiToken OTP seeds from an FTP server
execute fortitoken import ftp  Import FortiToken seeds file from FTP server.
        {file name}   FortiToken seeds file name.
            {ip}[:ftp port]   IP address of server, can also include port.
                {Enter}|{user}   FTP username may be needed.
                    {passwd}   FTP password.
To import FortiToken OTP seeds from a TFTP server
execute fortitoken import tftp  Import FortiToken seeds file from TFTP server.
        {file name}   FortiToken seeds file name.
            {ip}   IP address of server.
To import FortiToken OTP seeds from an external USB disk
execute fortitoken import usb  Import FortiToken seeds file from USB drive.
        {file name}   FortiToken seeds file name.
To import a set of FortiToken serial numbers
execute fortitoken import-sn-file  Import FTK_200 serial number from FortiCare.
        {FTK_200 Serial Number}   FTK_200 serial number.

FortiCare returns a set of 200 serial numbers that are in the same serial number range as the specified FortiToken device.

To synchronize a FortiToken
execute fortitoken sync  Synchronize FortiToken by adjusting for drift of internal clock.
        {id}   FortiToken ID.
            {code}   FortiToken code.
                {next code}   Next FortiToken code.
Previous
Next