Skip to main content
kwcheng__FTNT
Staff
kwcheng__FTNT
Staff
March 30, 2021

Technical Tip: How to transfer FortiToken mobile

  • March 30, 2021
  • 0 replies
  • 40294 views

Description


This article describes how to transfer an existing FortiToken Mobile token from one end-user device (e.g., iPhone 1) to a another new end-user device (e.g., iPhone 2 or Android). It is a feature of FortiToken Mobile (not FortiAuthenticator) that can be enabled by FortiAuthenticator.

 

Scope

 

FortiAuthenticator.

Solution


Important Notes.
The FortiToken was transferred to another unit while still under the same user account.

To transfer to another user, delete the FortiToken from FortiAuthenticator and reassign it.
The following is the Network topology; in this scenario, the Port Forwarding had already been done on the FortiGate, and the focus is on the FortiAuthenticator configuration.

 
Follow this step.
 
 
More details for Public IP/FQDN for FortiToken Mobile can be found in this article:
 
  1. Log in to the FortiAuthenticator from the GUI. Go to System -> Administration -> Public IP/FQDN for FortiToken Mobile -> Public IP + FortiAuthenticator port forwarding port.
 
 
  1. Enable the FortiToken Transfer feature: Go to Authentication -> User Account Policies -> Tokens -> FortiToken Mobile Transfer and enable the FortiToken transfer feature.
 

  1. Enable the FortiToken transfer service on the FortiAuthenticator interface (the interface which holding the FortiAuthenticator IP after port forwarding). Go to System -> Network -> Interface -> Edit interface and enable 'Fortitoken Mobile API'.
 
 
  1.  Select 'Transfer Tokens from the Mobile': Go to Info -> Transfer Tokens.
 
 
  1. Select FortiToken to Transfer: Select FortiToken and select 'OK' for acknowledgement.
 
 
  1. The FortiToken transfer request will be received from a specific source IP address (the FortiToken Mobile public IP). Refer to the sample log above.
 
 
  1. The activation message and QR code will be sent to the respective email address configured under the user account assigned to this FortiToken mobile.
 
 
  1. An email to reactivate the FortiToken mobile on the other new unit will be received.
Starting from firmware version 6.6.1, under 'FortiToken Mobile Provisioning' select 'online' for 'Provision mode', then select 'Enable token transfer feature'. 
 
1.png
 

Related articles:

Technical Tip: FortiToken Push on FortiAuthenticator - operation flow and details

Troubleshooting Tip: FortiToken Mobile push notification issue

    Terms & ConditionsAccessibility statement