FortiGate
auppal
Staff
Article Id 282619
Description

 

This article describes how one FortiToken from FortiToken Cloud, assigned to a particular user, can be used for administrator login on multiple Fortinet devices.

 

Scope

 

FortiToken Cloud, FortiGate.

 

Pre-requisite

 

FortiToken Cloud contract license is valid and registered.

 

Solution

 

To use one FortiToken Cloud token for one user across multiple Fortinet device logins, the following 3 conditions must be met:

  1. The Fortinet devices are in the same realm on FortiToken Cloud.
  2. The same username is used for the user on all Fortinet devices.
  3. The same email is used for the user on all Fortinet devices.

 

Example:

Username: fortinet-token.
Devices: FortiGate and FortiManager/FortiAnalyzer.
 

Note: The username can be anything; 'fortinet-token' is used as an example only.
 

  1. Make sure that both devices are in the same realm on the FortiToken Cloud.

    On the FortiToken Cloud portal, navigate to Auth Clients -> FortiProducts and check the Realm.

    In this example, both devices are in the same realm, 'default'.

 

  2. Create a local administrator user on the FortiGate with the username 'fortinet-token'.

    Navigate to System -> Administrators -> Create new -> Administrator.

  3. Enable Two-Factor Authentication -> set the Authentication Type to FortiToken Cloud -> provide the email address of the user.

  4. Similarly, in FortiManager/FortiAnalyzer, create a local administrator with the same username 'fortinet-token' and the same email, and set the FortiToken Cloud to FortiToken Mobile. Navigate to System Settings -> Administrators -> Create New.

  5. Install the FortiToken Mobile application on Android/iOS and register the FortiToken according to the steps in the email sent to the user's email address provided above.
  6. On the FortiToken Cloud portal, check 'Auth Client Count' to confirm that the username is associated with 2 devices.

Note: 2 devices are seen in this case; the count shows the number of devices on which that particular username is used with FortiToken Cloud.

On the FortiToken Cloud portal, navigate to Users and check Auth Client Count.

It is also possible to check which devices this user is associated with by selecting Auth Client Count.

 

 

Once the FortiToken Mobile application is set up, try to log in to either of the two devices; the same FortiToken should be used to authenticate on both devices.
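The three conditions above can be audited before rollout. The following is an added example, not part of the original article or Fortinet's tooling: it parses FortiGate `show system admin` output and reports where the username, email, or realm differ between devices. The device names, email addresses and config text are constructed, and the realm of each device is assumed to have been read from the FortiToken Cloud portal.

```python
import re
from collections import defaultdict

def sample_cfg(email):
    # Constructed sample of FortiGate 'show system admin' output (not from the article).
    return f'''config system admin
    edit "fortinet-token"
        set accprofile "super_admin"
        set two-factor fortitoken-cloud
        set email-to "{email}"
    next
end'''

# Constructed inventory: device -> (realm shown on the FortiToken Cloud portal, config).
DEVICES = {
    "fgt-a": ("default", sample_cfg("admin@example.com")),
    "fgt-b": ("default", sample_cfg("admin@example.com")),
    "fgt-c": ("default", sample_cfg("admin2@example.com")),
}

def parse_admins(config_text):
    """Return {admin_name: {setting: value}} from a 'config system admin' block."""
    admins, current = {}, None
    for line in (l.strip() for l in config_text.splitlines()):
        m = re.match(r'edit "?([^"]+)"?$', line)
        if m:
            current = admins.setdefault(m.group(1), {})
        elif line == "next":
            current = None
        elif current is not None and line.startswith("set "):
            parts = line.split(None, 2)
            if len(parts) == 3:
                current[parts[1]] = parts[2].strip('"')
    return admins

def check_shared_token(devices, username):
    """List every way `username` fails the same-realm/username/email conditions."""
    problems, realms, emails = [], defaultdict(list), defaultdict(list)
    for dev, (realm, cfg) in devices.items():
        admin = parse_admins(cfg).get(username)
        if admin is None:  # condition 2: same username on every device
            problems.append(f"{dev}: no administrator named {username!r}")
            continue
        if admin.get("two-factor") != "fortitoken-cloud":
            problems.append(f"{dev}: two-factor is not fortitoken-cloud")
        realms[realm].append(dev)
        emails[admin.get("email-to")].append(dev)
    if len(realms) > 1:  # condition 1: same realm
        problems.append(f"realm differs: {dict(realms)}")
    if len(emails) > 1:  # condition 3: same email (compared exactly, an assumption)
        problems.append(f"email differs: {dict(emails)}")
    return problems
```

Calling `check_shared_token(DEVICES, "fortinet-token")` on the constructed inventory returns a single finding for the mismatched email on `fgt-c`.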

Related documents:
The same token for the same user on multiple auth clients
A single FTC user in multiple auth clients