Mobile/Soft FortiToken has to be imported into the FortiGate with the help of an activation code that is received upon License purchase.

The procedure to import the License via CLI is as below :

exec fortitoken-mobile import EEEE-DDDD-CCCC-BBBB-AAAA  <---- Where EEEE-DDDD-CCCC-BBBB-AAAA is 20 digit license activation code.

If the error 'import FortiToken license error:- 7566' appears, follow the solution section to resolve this issue.

Why does this error code occurs and what is the meaning of this error code:

This error code occurs when the FortiToken license which the customer is trying to import into FortiGate is mapped with another unit serial number.

For example:

If FortiToken license EEEE-DDDD-CCCC-BBBB-AAAA is mapped with serial number FG100FTK20011111 and the user is trying to import this FortiToken license EEEE-DDDD-CCCC-BBBB-AAAA into the unit with serial number: FG100FTK20022222.

The error message will appear on the screen while importing the license via CLI: 'import FortiToken license error:- 7566'.

• This error can occur in the HA environment as well as on standalone units.
• In an HA environment, all the FortiToken licenses should be imported on the primary devices only.
• There is no need to assign different levels of FortiToken license on two different units in HA.
• Once the FortiToken license is imported into the primary device (in HA setup), the secondary unit will automatically fetch information about FortiToken licenses.

• This issue can only be resolved by mapping the FortiToken license on the proper unit serial number or transferring the existing FortiToken license to the unit serial number where the user wants to import the FortiToken license.
• Raise a case with Customer Service Team using the master email account for moving the FortiToken Mobile license to the correct serial number.
• For the HA environment, an error message as 'import FortiToken license error:- 7566' is prompted. Raise a ticket with the TAC Support or Customer Service Team to verify if the FortiToken license is registered under the secondary device in the HA cluster. It is possible to do a soft HA failover in this case (make the current primary unit as the secondary and set up current secondary unit role as the primary). Refer to the following article for options on performing the HA failover: Technical Tip: Different options to trigger an HA failover (FGCP)
• If the Customer Service Team confirms that the certificates/licenses are active and valid, but still the Mobile Tokens can not be activated on the FortiGate, then check if the environment is running on multi-vdom.
• If multi-vdom is enabled, check if the mobile tokens are activated under the management VDOM (root VDOM by default). If necessary to transfer the mobile tokens from the root VDOM to another VDOM, refer to this article: Technical Tip: Moving FortiToken Mobile between VDOMs.

Related articles:

Troubleshooting Tip: Unable to import mobile FortiTokens ('import fortitoken license error: -7566)

Technical Tip: License Error while importing the Mobile/soft FortiToken