I have fortiauthenticator 7.2.1.
It is setup with with an ldap server and using SAML as an IDP. When I go to the portal page to test my authentication from the moment I enter my username/password and press enter I only get 5 seconds to respond to my MFA prompt. Is there some way I can adjust this setting?
At least with fortigate I set remoteauthtimeout in the system global settings.
Hey aguerriero,
I'm not entirely sure if I understand your setup from your description, but it sounds a bit as if you have the following setup:
- an unspecified service provider
- FortiAuthenticator acting as IdP, with backend authentication to LDAP
- a third-party MFA provider involved somewhere
FortiAuthenticator times out an authentication attempt after five seconds, correct?
This is not about FortiGate timing out?
If my understanding is correct, and the issue is with FortiAuthenticator timing out, then it's important to know how the third-party MFA provider is involved in the setup; is there some kind of chained RADIUS authentication in the backend for 2FA, or does the LDAP server independently trigger a push notification in some way, or what exactly? Is FortiAuthenticator involved in the 2FA exchange, or does it simply wait for a reply from LDAP and trigger a timeout after five seconds?
If the case is that FortiAuthenticator simply waits for a reply from LDAP and times out after five seconds, there is a simple timer under Authentication > Remote Auth. Servers > General. If FortiAuthenticator is involved in the 2FA exchange in some way, then it should usually know to wait for the second factor to complete (default timeout for second-factor is 30 seconds I think?); it would help to know what kind of MFA solution you have and how it is involved in your setup :)
Enter your E-mail address. We'll send you an e-mail with instructions to reset your password.
