Technical Tip: How to identify licensed and trial FortiTokens
| Description | This article describes how to distinguish between trial and licensed FortiTokens. |
| Scope | FortiGate, FortiTokens. |
| Solution | On the GUI, when there are licensed Mobile tokens from the GUI, it does not show which are licensed tokens and which are free tokens. The serial number might also have the same starting characters, so it is hard to understand the difference.
To identify them, open up the CLI and follow the commands:
show user fortitoken
This will show a list of all the tokens on the FortiGate:
show user fortitoken jeNgvkU4mkUhjwCyUZ3cwqZy3bSzhBKOSNgq4XDTSfr8FHxJmEXEQ4Qy
From the list, look for the token that has 'FTMTRIAL' mentioned under 'set license'. This will be the one that comes free with every FortiGate.
Notes:
Below is an example of a licensed FortiToken Mobile. The license serial number begins with 'EFTM', while trial FortiTokens use 'FTMTRIAL'. config user fortitoken edit "FTKMOBXXXXXXXXXX" set license "EFTMXXXXXXXXXXXX" set activation-code "EEIATW6I2TAMGFDN" set activation-expire 1751590040 set reg-id "c5e7209292eb86976f8e0f94ff767f1ed5429cda42d52ef48a2cf07461fac5ac" set os-ver "5.4.1_IOS" next end
Also, it is a good practice to check the expiration and renewal of a FortiToken to avoid any type of issues related to licensing or expiration, so from the above output, it is possible to check 'set activation-expire' (epoch format). It is possible to use the following free tool to check this: Epoch & Unix Timestamp Conversion Tools
Regularly checking this information about the expiration of a FortiToken will ensure not lose access.
Related articles: |