Technical Tip: Enabling Two Factor PUSH Authentication on FortiAuthenticator
Description
This article describes how to enable PUSH Authentication instead of entering the token code manually.
Solution
1) The interface that receives the approve/deny FTM push responses must have the FortiToken Mobile API service enabled.
2) Enter the network public IP address under System -> Administration -> System Access -> Public IP/FQDN for FortiToken Mobile:
FortiAuthenticator only listens on port 443. NOTE: If the FortiAuthenticator interface is configured with a Private IP then it may be needed to NAT the Public->Private for that IP.
3) Make sure to enable through RADIUS policy in the Authentication factors > Advanced options > Allow FortiToken Mobile push notifications.
Related Article: