Help
FortiAuthenticator
FortiAuthenticator provides centralized authentication services for the Fortinet Security Fabric including multi-factor authentication, single sign-on services, certificate management, and guest management.
warshad
Staff
Staff

Created on ‎04-26-2022 07:46 AM Edited on ‎04-30-2022 12:10 AM By Staff

Article Id 210458

Technical Tip: Trusted subnet for bypassing OTP does not work with FortiManager / FortiAnalyzer

Description This article explains how to resolve the issue when trusted host subnets with FortiManager and FortiAnalyzer prompt for OTP / FortiToken.
Scope FortiAuthenticator.
Solution

1) Login to FortiAuthenticator GUI (ensure it has a valid Internet connection).

 

2) Make sure to add the Radius attribute for user IP (Calling-Station-Id) through the RADIUS policy in the Authentication factors.

 

 

Calling-Station-Id.PNG

 

 

3) Enable Adaptive Authentication through RADIUS policy in the Authentication Factors -> Adaptive Authentication.

Note: FortiManager and FortiAnalyzer should be on version 6.4.6 or above for Calling-Station-Id to be sent in the Access-Request packet.
1192
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.