matanaskovic
Staff
Staff

Description

 

This article describes why FortiAuthenticator is receiving the error message as follows while registering FortiToken mobile:

 

- FTM license activation error.

- Unable to resolve server domain name.

- Failed to connect fortitokenmobile.fortinet.com:443

 

Scope

 

FortiAuthenticator 6.4.

 

Solution

 

While trying to create FortiToken mobile, using free trial tokens, however in GUI getting the following error message.

 

matanaskovic_0-1658842717166.png

 

Checking the logs, under the Logging -> Log Access -> Logs, more information can be found about the issue.

 

matanaskovic_1-1658842743102.png

 

To narrow down the issue, check in CLI if FortiAuthenticator is able to resolve fortitokenmobile.fortinet.com FQDN.

 

Also, needs to crosscheck on the passing traffic way from FortiAuthenticator to the Internet, if NAT gateway prevents FortiAuthenticator to reach the FortiGuard servers over TCP/443.

 

In FortiAuthenticator's CLI, ping and traceroute commands help in this case.

 

- ping execute fortitokenmobile.fortinet.com

- execute traceroute fortitokenmobile.fortinet.com

 

matanaskovic_2-1658842848354.png

 

FortiAuthenticator didn’t have Internet access and it couldn’t reach the FortiGuard server.

To register FortiTokens, a valid FortiGuard connection must be there.

 

Resolving the network issue according to the steps from above, registration of FortiTokens mobile on FortiAuthenticator was successful.

 

matanaskovic_3-1658842963327.png

 

matanaskovic_4-1658842978925.png

 

Contributors