Staff

Technical Tip: Trusted subnet for bypassing OTP does not work with FortiManager / FortiAnalyzer

Forum|Forum|3 years ago
April 26, 2022
0 replies
1798 views

Description

This article explains how to resolve the issue when trusted host subnets with FortiManager and FortiAnalyzer prompt for OTP / FortiToken.

Scope

FortiAuthenticator.

Solution

1) Login to FortiAuthenticator GUI (ensure it has a valid Internet connection).

2) Make sure to add the Radius attribute for user IP (Calling-Station-Id) through the RADIUS policy in the Authentication factors.

3) Enable Adaptive Authentication through RADIUS policy in the Authentication Factors -> Adaptive Authentication.

Note: FortiManager and FortiAnalyzer should be on version 6.4.6 or above for Calling-Station-Id to be sent in the Access-Request packet.

FortiAuthenticator v6.4

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded