FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
Description This article describes how to move FortiToken Mobile between VDOMs.
Solution 1) Ensure the FortiToken mobile to move is not assigned to any user. 2) Note down the Serial Number of the FortiToken to move to different VDOM. 3 )Delete the token from current VDOM using the bellow CLI commands.
# config vdom edit <source_vdom_name> # config user fortitoken delete <FortiToken_Serial_Number> end end
4)Import the FortiToken to new VDOM using the bellow CLI commands.
# conf vdom edit <destination_vdom_name> # conf user fortitoken edit <FortiToken_Serial_Number> end end
5)Once FortiToken Mobile has been moved to new VDOM, it will be possible to assign it to users in the new VDOM as usual using either GUI or CLI.
# conf user local edit vpn_user set email-to <user_email_address> set two-factor fortitoken set fortitoken <FortiToken_Serial_Number> next end
In this example, FortiToken Mobile with serial number FTKMOB8A1020XXXX will be moved from VDOM 'root' to VDOM 'test'. User 'vpn_user' will be then created and assign it to the migrated FortiToken FTKMOB8A1020XXXX .
# config vdom edit root # config user fortitoken delete FTKMOB8A1020XXXX end end
# conf vdom edit test # conf user fortitoken edit FTKMOB8A1020XXXX end
# conf user local edit vpn_user set email-to user@example.com set two-factor fortitoken set fortitoken FTKMOB8A1020XXXX next end
Note. In the case there is no SMTP server configured for FortiToken activation code delivery, the activation code using the bellow CLI command will be visible.
# show user fortitoken <FortiToken_Serial_Number> | grep activation-code
