SSL VPN with RADIUS and FortiToken mobile push on FortiAuthenticator

This is a sample configuration of SSL VPN that uses FortiAuthenticator as a RADIUS authentication server and FortiToken mobile push two-factor authentication. If you enable push notifications, users can accept or deny the authentication request.

Sample topology

Sample configuration

WAN interface is the interface connected to ISP. This example shows static mode. You can also use DHCP or PPPoE mode. The SSL VPN connection is established over the WAN interface.

To configure FortiAuthenticator using the GUI:
  1. On the FortiAuthenticator, go to System > Administration > System Access and configure a Public IP/FQDN for FortiToken Mobile. If the FortiAuthenticator is behind a firewall, the public IP/FQDN will be an IP/port forwarding rule di