Fortinet Document Library

Version:

Version:


Table of Contents

Download PDF
Copy Link

Setting up FortiToken Hardware

The following steps are required to add FortiToken two-factor authentication to a user on the FortiGate or FortiAuthenticator:

  • Registering FortiToken-200/200CD/220-Edge
  • Assigning the FortiToken to the user
The FortiGate must also have a FortiGuard subscription to support FortiToken.

Registering a FortiToken

The following steps show how to register a FortiToken-200, FortiToken-200CD, and FortiToken-220-Edge on a FortiGate and FortiAuthenticator.

On the FortiGate

  1. Go to User & Device > FortiTokens and select Create New.
  2. Set Type to Hard Token and enter the FortiToken serial number in the Serial Number field, then select OK.
If you have several FortiTokens to add at once, you can list their serial numbers in a text file and select Import. Each serial number must be listed individually per line of text.
  1. Wait for the FortiGuard to validate your FortiToken’s serial number. When you first enter the serial number, its status is listed as Pending. When FortiGuard validates the serial number, the status changes to Available.

Follow the same procedure above for both FortiToken-200 and FortiToken-220-Edge units.

For FortiToken-200CD:

  1. Insert the activation CD labeled FortiToken-200 Activation File.
  2. Go to User & Device > FortiTokens and select Create New. Set Type to Hard Token and select Import.
  1. Select Seed File, browse to the CD and select the .FTK file, then select OK.
  2. Each FortiToken will be installed and activated.

On the FortiAuthenticator

  1. Go to Authentication > User Management > FortiTokens and select Create New.
  2. Set Token type to FortiToken hardware and enter the FortiToken serial number in the Serial numbers field, then select OK.
If you have several FortiTokens to add at once, you can select Import Multiple and import by Serial number file, Seed file, or FortiGate configuration file.

For FortiToken-200CD:

  1. Insert the activation CD labeled FortiToken-200 Activation File.
  1. Go to Authentication > User Management > FortiToken and select Import. Set File type to Seed file, browse to and select the .FTK file on the CD, and select OK.
  1. Each FortiToken will be installed and activated.

Assigning a FortiToken to a user

The following steps show how to assign a FortiToken to a user on a FortiGate and FortiAuthenticator.

On the FortiGate

  1. Go to User & Device > User > User Definition and edit a user.
  2. Enable Two-factor Authentication and select the FortiToken from the list. Select OK.
  3. Go back to User & Device > FortiTokens to confirm that the FortiToken is assigned to the user you edited.

On the FortiAuthenticator

  1. Go to Authentication > User Management > Local Users and edit a user.
  2. Enable Token-based authentication, select FortiToken, and select the FortiToken from the dropdown menu. Select OK.
  3. Go back to Authentication > User Management > FortiTokens to confirm that the FortiToken is assigned to the user you edited.

Setting up FortiToken Hardware

The following steps are required to add FortiToken two-factor authentication to a user on the FortiGate or FortiAuthenticator:

  • Registering FortiToken-200/200CD/220-Edge
  • Assigning the FortiToken to the user
The FortiGate must also have a FortiGuard subscription to support FortiToken.

Registering a FortiToken

The following steps show how to register a FortiToken-200, FortiToken-200CD, and FortiToken-220-Edge on a FortiGate and FortiAuthenticator.

On the FortiGate

  1. Go to User & Device > FortiTokens and select Create New.
  2. Set Type to Hard Token and enter the FortiToken serial number in the Serial Number field, then select OK.
If you have several FortiTokens to add at once, you can list their serial numbers in a text file and select Import. Each serial number must be listed individually per line of text.
  1. Wait for the FortiGuard to validate your FortiToken’s serial number. When you first enter the serial number, its status is listed as Pending. When FortiGuard validates the serial number, the status changes to Available.

Follow the same procedure above for both FortiToken-200 and FortiToken-220-Edge units.

For FortiToken-200CD:

  1. Insert the activation CD labeled FortiToken-200 Activation File.
  2. Go to User & Device > FortiTokens and select Create New. Set Type to Hard Token and select Import.
  1. Select Seed File, browse to the CD and select the .FTK file, then select OK.
  2. Each FortiToken will be installed and activated.

On the FortiAuthenticator

  1. Go to Authentication > User Management > FortiTokens and select Create New.
  2. Set Token type to FortiToken hardware and enter the FortiToken serial number in the Serial numbers field, then select OK.
If you have several FortiTokens to add at once, you can select Import Multiple and import by Serial number file, Seed file, or FortiGate configuration file.

For FortiToken-200CD:

  1. Insert the activation CD labeled FortiToken-200 Activation File.
  1. Go to Authentication > User Management > FortiToken and select Import. Set File type to Seed file, browse to and select the .FTK file on the CD, and select OK.
  1. Each FortiToken will be installed and activated.

Assigning a FortiToken to a user

The following steps show how to assign a FortiToken to a user on a FortiGate and FortiAuthenticator.

On the FortiGate

  1. Go to User & Device > User > User Definition and edit a user.
  2. Enable Two-factor Authentication and select the FortiToken from the list. Select OK.
  3. Go back to User & Device > FortiTokens to confirm that the FortiToken is assigned to the user you edited.

On the FortiAuthenticator

  1. Go to Authentication > User Management > Local Users and edit a user.
  2. Enable Token-based authentication, select FortiToken, and select the FortiToken from the dropdown menu. Select OK.
  3. Go back to Authentication > User Management > FortiTokens to confirm that the FortiToken is assigned to the user you edited.