Skip to main content
Haxija
Haxija
New Member
July 5, 2022
Question

Fortitoken Approve Mobile Android

  • July 5, 2022
  • 4 replies
  • 3130 views

 

Hello good day,

 

The fortitoken with client forticlient 6.0.6.242 works correctly for us, but on another PC with client "6.4.6.1658" a notification arrives to the android phone to approve the connection, if we give it to approve, it does not work and the android phone shows this message: "login validation timed out waiting for response. Please try again after device has stable." In case of omitting the notification and typing the code on the PC with version "6.4.6.1658", everything works ok. How can we fix this situation so we don't have to skip the notification?

 

Regards

Guillermo

4 replies

Anthony_E
Staff
Anthony_E
Staff
August 5, 2022

Hello @Haxija ,

 

Thank you for using the Community Forum. I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible. 

 

Thanks,

Best Regards
Anthony_E
Staff
Anthony_E
Staff
August 5, 2022

Hello @Haxija ,

 

Can you provide debugs from the FortiGate when you try to connect to the PC which has issues?

Can also let us know if you are using SSL or IPSec VPN to establish this connection?

Best Regards
Debbie_FTNT
Staff & Editor
Debbie_FTNT
Staff & Editor
August 5, 2022

Hey Guillermo,

it sounds as if you have a setup with FortiGate and FortiToken mobile push notification in place.

If the push notification arrives on the phone, and you approve it, but that approval never reaches FortiGate again, there may be issues with the route back for the approval.

We have a KB for this:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiToken-mobile-push-notification/ta-p/195578
please ensure the following:
- your FortiGate is reachable from the internet via a public IP on a specific port
-> that public IP and port are configured in config system ftm-push

-> you have FTM enabled on the public interface

-> you have at least one administrator configured with NO trusted hosts (that admin can have a profile with no permissions set)

Once this is in place, let us know if approving the push notification works :)

Haxija
HaxijaAuthor
New Member
August 8, 2022

Hi,

 

We managed to solve the problem after correctly configuring the "set allowaccess ftm" line

 

Regards

Guillermo

Terms & ConditionsAccessibility statement