Fortinet Document Library

Version:

Version:

Version:


Table of Contents

More Links

Configuring FortiToken Mobile

Cookbook

Download PDF
Copy Link

Set up FortiToken two-factor authentication

This configuration adds two-factor authentication (2FA) to the split tunnel configuration (SSL VPN split tunnel for remote user). It uses one of the two free mobile FortiTokens that is already installed on the FortiGate.

To configure 2FA using the GUI:
  1. Configure the user:
    1. Go to User & Device > User Definition and edit local user sslvpnuser1.
    2. Enter the user's Email Address.
    3. Enable Two-factor Authentication and select one mobile Token from the list,
    4. Enable Send Activation Code and select Email.
    5. Click Next and click Submit.
  2. Activate the mobile token:
    1. When a FortiToken is added to user sslvpnuser1, an email is sent to the user's email address. Follow the instructions to install your FortiToken mobile application on your device and activate your token.
To configure 2FA using the CLI:
  1. Configure the user:
    config user local
        edit "sslvpnuser1"
            set type password
            set two-factor fortitoken
            set fortitoken <select mobile token for the option list>
            set email-to <user's email address>
            set passwd <user's password>
        next
    end
    
  2. Activate the mobile token:
    1. When a FortiToken is added to user sslvpnuser1, an email is sent to the user's email address. Follow the instructions to install your FortiToken mobile application on your device and activate your token.

More Links

Set up FortiToken two-factor authentication

This configuration adds two-factor authentication (2FA) to the split tunnel configuration (SSL VPN split tunnel for remote user). It uses one of the two free mobile FortiTokens that is already installed on the FortiGate.

To configure 2FA using the GUI:
  1. Configure the user:
    1. Go to User & Device > User Definition and edit local user sslvpnuser1.
    2. Enter the user's Email Address.
    3. Enable Two-factor Authentication and select one mobile Token from the list,
    4. Enable Send Activation Code and select Email.
    5. Click Next and click Submit.
  2. Activate the mobile token:
    1. When a FortiToken is added to user sslvpnuser1, an email is sent to the user's email address. Follow the instructions to install your FortiToken mobile application on your device and activate your token.
To configure 2FA using the CLI:
  1. Configure the user:
    config user local
        edit "sslvpnuser1"
            set type password
            set two-factor fortitoken
            set fortitoken <select mobile token for the option list>
            set email-to <user's email address>
            set passwd <user's password>
        next
    end
    
  2. Activate the mobile token:
    1. When a FortiToken is added to user sslvpnuser1, an email is sent to the user's email address. Follow the instructions to install your FortiToken mobile application on your device and activate your token.