FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
This article describes a common issue where FortiGate fails to send the FortiToken activation email (QR code) to users due to SMTP authentication errors when using a Gmail account with two-step verification enabled.
Scope
FortiGate configured to send FortiToken activation codes via Gmail SMTP server.
Solution
When using a Gmail account with two-step verification (2FA) enabled, FortiGate cannot authenticate using the standard email password. This results in authentication errors such as:
session: rsp_state: auth2, code: 535 <----- Send mail failed
To resolve this issue:
Log in to the Gmail account used for FortiGate email configuration.
Go to Security -> App passwords.
Generate an App Password.
Use this App Password in FortiGate email settings under:
config system email-server
set password <App Password>
end
Test the connection again. After applying this change, FortiGate should be able to send activation emails with the QR code for FortiToken successfully.
