Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
FriedBacon
New Contributor II

Created on ‎08-11-2022 05:39 AM

FortiAuthenticator: Disable Push Notification for Local Administrator Accounts

Hey everyone, hoping for your inputs on this.
From the title itself; we have local users that are administrators for FortiAuthenticator GUI/CLI. Tese local users have FTM attached/enable on them. We want to disable Push notifications for these users; requiring them to manually code-in the OTP


Appreciate any ideas/inputs

Labels:
2690
0 Kudos
1 Solution
Markus_M
Staff
Staff

Created on ‎08-12-2022 02:21 AM

Hi FriedBacon,

 

I don't have a good answer, you might need some more breakfast with eggs though :)

You cannot disable the push by a click, that is only possible for the users that authenticate through radius policies.

The push however is just a connection from FortiAuthenticator to a proxy server we use, push.fortinet.com, and then to Apple/Google. Finally it pops up on the phone.

If you were to disable that connection, push messages would not be sent anymore - for any user.

If this is a way to go with - create on the FortiGate or firewall an address object for "push.fortinet.com" and a policy that is set to block traffic to that address object.

 

Best regards,

 

Markus

View solution in original post

2673
2 REPLIES 2
Markus_M
Staff
Staff

Created on ‎08-12-2022 02:21 AM

Hi FriedBacon,

 

I don't have a good answer, you might need some more breakfast with eggs though :)

You cannot disable the push by a click, that is only possible for the users that authenticate through radius policies.

The push however is just a connection from FortiAuthenticator to a proxy server we use, push.fortinet.com, and then to Apple/Google. Finally it pops up on the phone.

If you were to disable that connection, push messages would not be sent anymore - for any user.

If this is a way to go with - create on the FortiGate or firewall an address object for "push.fortinet.com" and a policy that is set to block traffic to that address object.

 

Best regards,

 

Markus

2674
FriedBacon
New Contributor II
In response to Markus_M

Created on ‎08-12-2022 06:59 AM

Thanks @Markus_M  this is what I was afraid of.

 

This honestly needs to be a feature; one such scenario this is needed is push notif is only enabled for users, but requiring admins of network devices to manually code-in the OTP

2664
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.