Description
This article describes why FortiAuthenticator receives an error message as follows while registering FortiToken mobile:
- FortiToken Mobile license activation error.
- Unable to resolve server domain name.
- Failed to connect fortitokenmobile.fortinet.com:443
Scope
FortiAuthenticator 6.4.
Solution
While trying to create a FortiToken Mobile using free trial tokens, the following error message may appear in the GUI.
Check the logs under Logging -> Log Access -> Logs for more information about the issue.
To narrow down the issue, check in the CLI whether FortiAuthenticator is able to resolve the fortitokenmobile.fortinet.com FQDN.
Additionally, it is necessary to cross-check the passing traffic from FortiAuthenticator to the Internet to see if the NAT gateway prevents FortiAuthenticator from reaching the FortiGuard servers over TCP/443.
In FortiAuthenticator's CLI, use ping and traceroute commands to help with this:
execute ping fortitokenmobile.fortinet.com
execute traceroute fortitokenmobile.fortinet.com
In this case, FortiAuthenticator did not have Internet access and it could not reach the FortiGuard server.
To register FortiTokens, a valid FortiGuard connection must be in place.
Upon resolving the network issue according to the steps above, registration of Mobile FortiTokens on FortiAuthenticator will succeed:
