Fortinet Forum
ArifS
New Contributor

FTM push notification not working from branch office network

We enabled FTM push notification for FortiToken and it works fine if the user's mobile is on 4G. However, when connected to Wi-Fi (which uses the local branch FortiGate), the approval request does not reach the FortiAuth server.

What changes do we have to make to each site's FortiGate to allow push notification approval?

Toshi_Esumi
Esteemed Contributor II

Push notifications to phones come via Apple or Google. But "Deny" or "Approve" from the phones goes directly to the FortiAuthenticator (FAC)'s public IP at TCP 443. Check (sniff & flow debug) at the branch FGT if the traffic is flowing (likely blocked there) toward the FAC.


Toshi

ArifS
New Contributor

We found the issue. The push notification was going through ADVPN due to BGP configuration. We did a test by creating a policy to redirect traffic through the internet and it worked. So we just need to remove the public IP of FTM from the BGP config on the FortiGate.
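
The branch-side checks discussed in this thread (sniffer, flow debug, and a route lookup for the FAC address), written out as FortiOS CLI commands. This is an added example, not part of the original posts; `203.0.113.10` is a constructed placeholder for the FortiAuthenticator's public IP.

```fortios
# 1. Which route does the branch FortiGate select for the FAC public IP?
#    A BGP-learned route over the ADVPN overlay here means the approve/deny
#    reply is leaving through the tunnel instead of the local internet link.
get router info routing-table details 203.0.113.10

# 2. Sniff the approve/deny traffic (TCP 443 to the FAC) on all interfaces.
#    Verbosity 4 prints the interface name per packet, so the egress
#    interface (WAN vs. ADVPN tunnel) is visible. Stops after 20 packets.
diagnose sniffer packet any 'host 203.0.113.10 and tcp port 443' 4 20 l

# 3. Trace how the FortiGate handles those packets: matched policy,
#    selected route, and any drop reason.
diagnose debug reset
diagnose debug flow filter clear
diagnose debug flow filter addr 203.0.113.10
diagnose debug flow filter port 443
diagnose debug flow show function-name enable
diagnose debug flow trace start 20
diagnose debug enable

# ... have a user on the branch Wi-Fi tap Approve in FortiToken Mobile ...

# 4. Stop debugging and clear the filter when done.
diagnose debug disable
diagnose debug flow trace stop
diagnose debug flow filter clear
diagnose debug reset
```

In the flow trace, the route and outgoing-interface lines show whether the session is sent to the internet-facing interface or into the ADVPN tunnel.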