Troubleshooting Tip: Duo MFA fails with the error Post FortiSIEM upgrade to v7.3.0 or higher

After upgrading FortiSIEM to v7.3.0 or higher, Duo Multi-Factor Authentication (MFA) may fail with the following error message:

2FA Unavailable. Please confirm External Authentication configuration are correct that Duo is reachable. No public URL exists in DB.

Cause:

Starting with FortiSIEM v7.3.0, support for Cisco Duo SDK v4 was introduced as an enhancement for external authentication. This new version requires that the Fully Qualified Domain Name (FQDN) of FortiSIEM be properly configured in the system settings.

If the FQDN is not configured, Duo MFA cannot complete successfully due to the lack of a public URL reference in the database.

Resolution:

To resolve this issue:

1. Log in to the FortiSIEM GUI with an administrator account.
2. Navigate to ADMIN -> Settings -> System -> FQDN.
3. Enter the Fully Qualified Domain Name (FQDN) of the FortiSIEM supervisor instance. Example: fs.example.com
4. Select Save.
5. Retry the Duo MFA authentication.

Additional Information:

• This configuration is mandatory for all FortiSIEM versions 7.3.0 and above when using Duo for external authentication.
• Ensure that the Super FQDN is correctly resolvable and reachable from the internet if using cloud-based Duo services.