adimailig
Staff & Editor
September 21, 2022

Technical Tip: Using FortiToken when connecting to IPSEC dialup connection using iOS Native VPN

Description: This article describes how to use FortiToken when connecting to an IPsec dialup connection using the iOS native VPN client.
Scope: FortiGate
Solution:

The iOS native IPsec VPN client does not prompt for the two-factor authentication code. Instead, the token code should be appended to the password during authentication, in the format 'password+2FA' (the two values are concatenated with no separator, as in the example below).

Example:

Password:  p@ssw0rd
Token Code:  345678

The user enters p@ssw0rd345678 when prompted for the password.

Debug logs showing the concatenation of the FortiToken code:


[1909] handle_req-Rcvd auth req 2040096264 for anabel in IPSEC_LDAP_2FA opt=00000000 prot=5
<>
[927] retry_concatenated_fortitoken-Retrying for concatenated pwd & FTK for req 2040096264
<>
[2679] fnbamd_ldap_result-Result for ldap svr 10.10.10.1(LDAP_SERVER) is SUCCESS
[1642] fnbam_user_auth_group_match-req id: 2040096264, server: LDAP_SERVER, local auth: 0, dn match: 1
[1598] __group_match-Group 'IPSEC_LDAP_2FA' passed group matching
[1601] __group_match-Add matched group 'IPSEC_LDAP_2FA'(4)
[2690] fnbamd_ldap_result-Passed group matching
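
An added example, not part of the original article or of Fortinet's tooling: a small Python parser for debug output like the lines above that reports, per request id, the user, the group, whether the concatenated password-and-token retry was logged, and the LDAP result. The function names are hypothetical, and attaching the LDAP result line (which carries no request id) to the next line that does carry one is an assumption.

```python
import re

# Debug lines copied from the article above ("<>" gap markers dropped).
SAMPLE = """\
[1909] handle_req-Rcvd auth req 2040096264 for anabel in IPSEC_LDAP_2FA opt=00000000 prot=5
[927] retry_concatenated_fortitoken-Retrying for concatenated pwd & FTK for req 2040096264
[2679] fnbamd_ldap_result-Result for ldap svr 10.10.10.1(LDAP_SERVER) is SUCCESS
[1642] fnbam_user_auth_group_match-req id: 2040096264, server: LDAP_SERVER, local auth: 0, dn match: 1
[1598] __group_match-Group 'IPSEC_LDAP_2FA' passed group matching
[1601] __group_match-Add matched group 'IPSEC_LDAP_2FA'(4)
[2690] fnbamd_ldap_result-Passed group matching
"""

REQ = re.compile(r"handle_req-Rcvd auth req (\d+) for (\S+) in (\S+)")
RETRY = re.compile(r"retry_concatenated_fortitoken-.* for req (\d+)")
LDAP = re.compile(r"fnbamd_ldap_result-Result for ldap svr (\S+?)\((\S+?)\) is (\w+)")
MATCH = re.compile(r"fnbam_user_auth_group_match-req id: (\d+)")
GROUP = re.compile(r"__group_match-Add matched group '([^']+)'")

def summarize(text):
    """Return {req_id: summary} for each auth request seen in the debug text."""
    reqs, pending, current = {}, None, None
    for line in text.splitlines():
        if m := REQ.search(line):
            reqs[m[1]] = {"user": m[2], "group": m[3], "concat_token": False,
                          "ldap": None, "matched_groups": []}
        elif (m := RETRY.search(line)) and m[1] in reqs:
            reqs[m[1]]["concat_token"] = True
        elif m := LDAP.search(line):
            # No request id on this line: hold it for the next line that has
            # one (assumption about line ordering, see lead-in).
            pending = {"server": m[2], "addr": m[1], "result": m[3]}
        elif (m := MATCH.search(line)) and m[1] in reqs:
            current = m[1]
            reqs[current]["ldap"], pending = pending, None
        elif (m := GROUP.search(line)) and current:
            reqs[current]["matched_groups"].append(m[1])
    return reqs

def without_concat_retry(reqs):
    """Request ids with LDAP SUCCESS but no concatenated-token retry line."""
    # Only reports that the retry line is absent from the captured output.
    return [rid for rid, s in reqs.items() if s["ldap"]
            and s["ldap"]["result"] == "SUCCESS" and not s["concat_token"]]
```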

2 replies

janonuevo
Staff
September 22, 2022

Well-articulated! Kudos! 

jbernabe
Staff
June 15, 2023

This is very informative and helpful. Kudos to the Author!