FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
acvaldez
Staff
Staff
Article Id 361747
Description This article describes a step-by-step guide on running the debug process for alertmail during the assignment of Two-Factor Authentication (2FA) to a user.
Scope FortiOS.
Solution

Review the Email Service Configuration:
Ensure the email service is properly configured for sending alertmail. 

 
enable email service.png

 

Run the debug commands in FortiGate CLI:

 

diag debug reset

diag debug disable

diag debug console timestamp en

diag debug app alertmail -1

diag debug en

 

Enable 2FA for the User:

  • Activate Two-Factor Authentication (2FA) for the employee user.
  • Assign the token to the user's profile.

 

send activation code to mnlemployee email.png

 

Debug Output:
Confirmation of a successful process.

 

===================================================================================

 # 2024-12-01 22:07:12 Arrived msg(type 8, 807 bytes):mnlemployee@manila.com
/data2/tmp/ftm_qr_FTKMOB217FC5EC3A.png
FTM Activation on FortiGate
Welcome to FortiToken Mobile - One-Time-Password software token.
Please visit https://docs.fortinet.com/ftoken.html
for instructions on how to install your FortiToken Mobile application on your device and activate your token.
You must use FortiToken Mobile version 2 or above to activate this token.
Your Activation Code, which you will need to enter on your device later, is

"EEIB7APWKDAWA7SD"

Alternatively, use the attached QR code image to activate your token with the "Scan Barcode" feature of the app.
You must activate your token by:
Wed Dec 4 22:07:12 2024 (GMT-8:00) US/Pacific,
after which you will need to contact your system administrator to
re-enable your activation.

FortiGate

2024-12-01 22:07:12 mail_info:
from:mnlserver.manila.com user:mnlemployee@manila.com
2024-12-01 22:07:12 mail_info:
reverse path:mnlemployee@manila.com
user name:mnlemployee
2024-12-01 22:07:12 to[0]:mnlemployee@manila.com
2024-12-01 22:07:12 <==_init_mail_info
2024-12-01 22:07:12 create session
2024-12-01 22:07:12 resolve mnlserver.manila.com to 1 IP
2024-12-01 22:07:12 ==> send mail
2024-12-01 22:07:12 connecting to 10.47.2.52 port 25
2024-12-01 22:07:12 send mail 0xea0e260 session 0xea11920
2024-12-01 22:07:12 session: 0xea11920, rsp_state: greeting, code: 220
2024-12-01 22:07:12 session: 0xea11920, rsp_state: ehlo, code: 250
2024-12-01 22:07:12 session: 0xea11920, rsp_state: mail, code: 250
2024-12-01 22:07:12 session: 0xea11920, rsp_state: rcpt, code: 250
2024-12-01 22:07:12 session: 0xea11920, rsp_state: data, code: 354
2024-12-01 22:07:12 session: 0xea11920, rsp_state: data2, code: 250
2024-12-01 22:07:12 session: 0xea11920, rsp_state: quit, code: 221
2024-12-01 22:07:12 session finined
2024-12-01 22:07:12 _session_on_destroy
2024-12-01 22:07:12 <== send mail success, m = 0xea0e260 s = 0xea11920

===================================================================================

 

Sample email output:

 

email output .png