I've had 2FA working again Authenticator for some time but recently was tasked with turning on the push notifications but my FortiClient does not have a "Push" button and I really never knew it was supposed to. I thought when you made the authentication request (logged in when prompted by the VPN config) that it would go ahead and ask you to input the token AND still accept the push, but from the 6.4.8 Release Notes it would appear that I should have the option to select "push" OR to enter my code:
To connect VPN with FortiToken Mobile using push notifications:
1. On the Remote Access tab, select the VPN connection from the dropdown list.
2. Enter your username and password and click the Connect button. The Click on 'FTM Push' or enter token code box displays.
3. Click FTM Push. Your device with FortiToken Mobile installed receives a notification.
4. On your device with FortiToken Mobile installed, tap the notification and follow the instructions to allow the authentication request and complete network authentication without typing the token code. You can also deny the authentication request, or do nothing and let the notification request expire.
I have my Authenticator configured for PUSH and have seen a request hit my FortiToken Mobile but no matter if I hit "approve" or "deny", the VPN times out. Never though have I seen the option to: The Click on 'FTM Push button so is there something wrong with my deployment package in EMS perhaps then??
Solved! Go to Solution.
Hello,
With the current design of the FortiOS and Forticlient app, the fortitoken mobile puh is not supported by Dialup IPSec.
For IPsec two-factor auth, we support mobile token, RSA token, and Fortinet hardtoken, for these we need to enter the pin manually.
You can reach out to your local Fortinet Partner and submit an NFR(New Feature Request).
Ahmad
Hello fcb,
Thank you for using the Community Forum.
I will seek to get you an answer or help. We will reply to this thread with an update as soon as possible.
Regards,
Hello,
With the current design of the FortiOS and Forticlient app, the fortitoken mobile puh is not supported by Dialup IPSec.
For IPsec two-factor auth, we support mobile token, RSA token, and Fortinet hardtoken, for these we need to enter the pin manually.
You can reach out to your local Fortinet Partner and submit an NFR(New Feature Request).
Ahmad
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.