Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
mattchow_FTNT
Staff
Staff

Created on ‎03-12-2024 11:38 PM Edited on ‎10-21-2025 11:33 PM By Community Manager

Article Id 304266

Technical Tip: Unable to import trial FortiToken Mobile

Description This article describes why trial Tokens failed to import to FortiGate, and it shows only one token all the time.
Scope FortiOS versions prior to 7.2.12, 7.4.9, 7.6.5, 8.0.0. See the notes at the bottom of the article for later versions with fixes.
Solution

Note that HA clusters of two units that share a single license (vSN / Virtual Serial Number) are not entitled to Trial FortiTokens. Additionally, the Mobile Token license cannot be used in this situation, as it cannot be associated with the vSN. 

 

To re-activate or import two of the trial FortiTokens mobile trial, go to User&Authentication -> FortiTokens -> Create New -> Mobile Token, and fill the 'Activation Code' field with 0000-0000-0000-0000-0000 as shown below:

 

token.jpg

 

But if one of the two Tokens has been deleted, the activation will not be successful, and it will always show one token only.

 

token.jpg

 

Even the FortiToken debug shows that trial Tokens are already imported successfully as shown below:

 

diagnose debug application forticldd -1

diagnose fortitoken debug enable

diagnose debug enable

execute fortitoken-mobile import 0000-0000-0000-0000-0000
ftm_cfg_import_license[321]:import license 0000-0000-0000-0000-0000
ftm_cfg_import_license[325]:Free trial tokens are alreay imported

 

Solution:

Go to User&Authentication -> FortiTokens -> Select the existing token and delete that Token.

 

Note:

If the token is already configured for a user, Two-factor authentication must be disabled for that user to be able to delete that token.

 

token.jpg

 

Select the 'Import Free Trial Tokens' option, which is available now, and then both the Tokens will be imported successfully:


token.jpg
Note:
If the error 'no valid token' is observed from the debug output, try to disable the anycast mode on FortiGuard settings and re-import the Token.

 

To see the option 'Import free trial tokens', it is necessary to delete both tokens.

 

For vSN / Virtual Serial Number Hardware devices running with 7.2.9/7.4.6/7.6.1, a lower-end device up to FortiGate 100F will not be able to activate Trial mobile FortiToken or Cloud Tokens where the contract is registered on its virtual SN. The issue is fixed from Fortios 7.2.12:1758, 7.4.9:2814, 7.6.5:3612, 8.0.0:0056 onward.

For FortiToken Mobile, it is supported from the same versions onward, but only for FortiToken Mobiles licenses shipped after 4th of August 2025.

 

Related articles:

Technical Tip: Error: 'No valid token found' - Unable to Provision FortiTokens in HA environment

Technical Tip: How to identify Licensed and Trial FortiTokens

Technical Tip: Trial FortiToken Mobile in FortiGate or FortiAuthenticator HA

Technical Tip: Migrating users and FortiTokens to another FortiGate/FortiAuthenticator
2759
0 Kudos
Suggest New Article
Article Feedback
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.