Skip to main content
AgnerDNS
AgnerDNS
New Member
January 14, 2025
Question

Is it possible to use google authenticator for forticlient VPN SSL instead of fortitoken?

  • January 14, 2025
  • 1 reply
  • 7901 views

I'm new to Fortigate and I need to get MFA working for SSLVPN users from an LDAP Server. With other manufacturers, such as Sophos, I just need to enable MFA for users and have them read the QR code in their respective authentication app. With Fortigate, do I need to use Fortitoken mobile exclusively?

Another question: is it true that to use MFA with Fortigate, I need to pay for a token?

1 reply

funkylicious
SuperUser
funkylicious
SuperUser
January 14, 2025

For FortiToken indeed, you would need to acquire either FortiTokens and activate them directly on the firewall, or FortiToken Cloud or via FortiAuthenticator+licenses for FortiToken Mobile ( FTM ).

You can use EntraID and the MFA that it offers you, if you have a Azure tenant.

"jack of all trades, master of none"
AgnerDNS
AgnerDNSAuthor
New Member
January 14, 2025

So basically any integration I want to do with MFA, whether it's extracting seed or using fortitoken, do I need to pay for a license?

funkylicious
SuperUser
funkylicious
SuperUser
January 14, 2025

You would only need a license for the 2FA/MFA solution that you are using.

If you are using let's say Microsoft Authenticator because you have a Azure subscription/tenant, you don't need any license on the firewall for using it.

"jack of all trades, master of none"
Terms & ConditionsAccessibility statement