Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Mrinmoy
Staff
Staff

Created on ‎08-01-2024 03:54 PM Edited on ‎07-17-2025 09:55 PM By Community Manager

Article Id 329893

Technical Tip: FortiGate L2TP does not support 2FA/MFA

Description This article describes how FortiGate L2TP does not support MFA or 2FA.
Scope FortiGate v6.4 or above.
Solution

The L2TP protocol standard officially only supports username & password authentication, so two-factor is not supported.

 

In FortiClient, there is an option to add the Token ID.

 

Forticlient.JPG

 

However, in the built-in Windows app, there is no such option to add the token/MFA info.

 

user id.JPG

 

There is a workaround for this. If the token is appended to the end of the password, the FortiGate will recognize this as the token, and it will let the user through. This is confirmed as an official feature by the developers and should work.
519
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.