Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
jkoay
Staff & Editor
Staff & Editor

Created on ‎11-11-2020 02:51 AM Edited on ‎03-25-2025 07:39 AM By Moderator

Article Id 198307

Technical Tip: Alternative method to obtain admin account’s SMS two factor authentication activation code

Description

 

A FortiGate with no valid SMS quota can cause login issues when SMS two factor authentication is accidentally enabled in the FortiGate’s admin account.

This article describes an alternative method to obtain admin account’s SMS two factor authentication activation code.

 

Scope

 

FortiGate.

Solution

 

  1. Access the FortiGate via console cable.

  2. In the CLI console, execute the following commands:

diag debug reset
diag debug disable
diag debug app forticldd 255
diag fortitoken debug enable
diag debug enable

 

  1. Login to FortiGate with an alternative super_admin account. Access to System -> Administrator, select admin account that was configured with SMS two factor authentication and select 'Send SMS Activation Code'.

  2. Similar output on the console with FortiToken activation code being sent out will be visible

 

 
  1. Activate the two-factor authentication via FortiToken Mobile Application with the activation code obtained from CLI console.

  2. To disable debugs:

 

diag debug disable

 

Labels:
1937
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.