Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor II

Email-server MFA with Outlook



 I am trying to create a second authentication factor for my ssl-vpn users and firewall administrators in my Fortigate, this by enabling the email-server option, I have already done it correctly with gmail, but it seems that as of May 30 the policies will change and this will not be possible, so I have tried to change the server to outlook, but I cannot get the emails with the code


this is the smtp server of my hotmail account 



this is my configuration


In my outlook account I can see that a device with the fortigate IP can access the account, but the emails do not arrive, and I do not see them in sent items either



It is the same situation whether it is a hotmail or outlook account


If someone has had this situation and can share with me how to solve it, I would appreciate it, my firmware version is 7.0.5


You should ensure the SMTP access is working from other SMTP clients. You would typically have to enable SMTP access and disable MFA for your account . You can check MS documentation for detailed steps. 


Since you do not seem to care about what SMTP provider is used, why don't you just use the default SMTP server ?




If you suspect that no email might be sent out from your FortiGate, then how about packet capture to see if there is any connection attempt at all ?

As you have starttls then it will be TCP TLS. So at least you should see if there was normal handshake and TLS negotiation.

Alternatively you can spring yourself some simple test mailserver, preferably with no auth, so you will see plain SMTP in captures and be able to see if and how FortiGate sent the email. As a bonus there is supposed to be token in message body captured and readable.


Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

Top Kudoed Authors