Description
This article describes how to fix a licensed FortiToken with its status locked in Error/Locked/Provision Timed Out.
Scope
FortiToken Mobile.
Solution
For Purchased Mobile Tokens:
Step by step:
- Delete all the Tokens that have issues.
- To delete the token, make sure to unassign/revoke it from the User it is assigned to.
- Afterwards, select the tokens and delete them.
- To add those FortiTokens, go to User & Authentication/FortiTokens -> Select Create New -> Set the Type to Mobile Token and enter the Activation Code.
- After FortiGuard validates the code, the FortiTokens will appear on the list, with the Status set to Available.
Note:
- For all purchased/licensed tokens at the time of purchase, a PDF of a FortiToken Mobile Redemption Certificate containing the 'Activation Code', along with the total number of mobile tokens, will be sent via Email.
- If the FortiToken Mobile Redemption Certificate is not received, submit a ticket to the Customer Service Team to request it.
Via the CLI:
Sometimes, renewing the token via CLI fixes the issue (Only for Error/Locked status):
execute fortitoken-mobile renew (Serial Number of particular Token)
For example:
execute fortitoken-mobile renew FTKMOBxxxxxxx
Now, check the status of a particular token. If the status doesn't change, follow all of the above-mentioned steps, aside from the one directly above this.
To add Tokens:
execute fortitoken-mobile import "xxxx-xxxx-xxxx-xxxx-xxxx"
Where 'xxxx' will be the activation code.
Note:
The above commands are VDOM-specific. If VDOMs are configured, execute these commands in a specific VDOM.