Skip to main content
seadave
seadave
New Member
July 10, 2018
Question

Here's a major FACVM Gotcha to watch out for.

  • July 10, 2018
  • 2 replies
  • 12000 views

http://kb.fortinet.com/kb/documentLink.do?externalID=FD34405

 

We had a FAC200D, and the TAC converted our config to load on a FACVM.  Not one said, "Hey don't let the FACVM communicate outbound before you re-load your converted config...".

 

So we have 12 tokens now that we can't provision.  I've spent a good part of my day researching what I thought to be an LDAP error before finding the above link.

2 replies

seadave
seadaveAuthor
New Member
July 10, 2018

Look for these log errors:

 

System 30909 FTM provision error: server returned error: "No valid tokens found(17)" admin System 30909 FTM provision error: invalid server response: some requested token not properly answered: FTKMOB#####...

xsilver_FTNT
Staff
xsilver_FTNT
Staff
July 10, 2018

Hi,

as the issue is caused by two trial tokens, then when you are in the situation with errors .. how about to simply delete those two trial tokens ? Those associated with FACVM0000 SN should stop causing any issue. And if you count with those two tokens then you should be able to clieck 'Create New' and select check box "Get FortiToken Mobile free trial tokens" to get two trial tokens associated/issued now for your FAC VM SN ?

 

Kind regards,

Tomas

seadave
seadaveAuthor
New Member
July 10, 2018

Tomas-

 

Not sure I understand.  I have a list of 12 available tokens out of our pool of 200.  The other 188 are active.  If I try to provision a new user none of the 12 will work.  So during the migration from our FAC200D to FACVM, apparently because the FACVM was able to communicate with directregistration.fortinet.com BEFORE I downloaded and applied my FACVM license, those FREE FTMs were invalidated.  Why one is not able to re-register or reset the FTMs is beyond me and a major inconvenience.

seadave
seadaveAuthor
New Member
July 10, 2018

BTW, there is NO warning regarding this in the latest (5.3) FortiAuthenticator documentation.  This should be in the release notes AND it should be noted prominently prior to the VM install section.

 

Terms & ConditionsAccessibility statement