Technical Tip: Understanding the log message 'Logs FortiToken seed retrieval from FortiGuard server'
| Description | This article describes the typical circumstances behind the 'Logs FortiToken seed retrieval from FortiGuard server'. |
| Scope | FortiAuthenticator. |
| Solution | Event ID 10101 refers to an event log entry indicating that the FortiAuthenticator is trying to retrieve the FortiToken seed from the FortiGuard Server but has failed. This log is only for hardware tokens and not for soft tokens.
The sample system event message(s) will look like below:
date=2025-06-04 time=20:13:33+0000 oid=8888 logid=10101 cat="Event" subcat="Admin Configuration" level="warning" nas="" action="" status="" msg="FortiToken Activation retry failed due to a connectivity error." user=""
date=2025-06-04 time=20:13:33+0000 oid=8888 logid=10101 cat="Event" subcat="Admin Configuration" level="warning" nas="" action="" status="" msg="Unable to activate token(s): FTKXXXXXXXXXXXX. Invalid serial number(s), ensure that the serial number(s) are correct." user="admin"
date=2025-06-04 time=20:13:33+0000 oid=8888 logid=10101 cat="Event" subcat="Admin Configuration" level="warning" nas="" action="" status="" msg="Unable to activate token(s): FTKXXXXXXXXXXXX. Token(s) have already been activated on another device." user="admin"
There are many other different events, and they will still share the same event IDs under 10101. They can be viewed under Log Access -> Logs -> filter '10101'. FortiTokens that are unable to activate due to clause '3', do contact Fortinet TAC support to reset activation. |