Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jnascimento
New Contributor

Created on ‎04-12-2024 11:00 AM Edited on ‎04-12-2024 01:55 PM

Fortiauthenticator shows tokens with pending status. Some users reports problem to use token and vpn

FortiAuthenticator is showing a lots of Fortitokens with pending status. Some users with tokens with this status are reporting problems to authenticate by VPN and some others users with tokens with this status are reporting that it is working well. The same actual today's configuration worked in the past and we don't have new configuration and with no changes in the IT infrastructure. See pictures bellow for a better analisys.

Does anyone here have any experience solving a similar problem?

 

Example of user that shows “pending” status and can make access normally.pngPing getting good results to main addresses of Fortinet. List of “pending” with more of 200 users and growing up.png

1627
0 Kudos
4 REPLIES 4
ozkanaltas
Valued Contributor III

Created on ‎04-12-2024 11:28 AM

Hello @jnascimento ,

 

In normal times pending status is shown by FortiAuthenticator when the user does not activate their token.  But you say, some user tokens show pending but they can connect to vpn with 2FA. It's an interesting point.

 

Are you sure, they connect with the 2FA code? Maybe in the radius rule you missed configuring force to 2FA. Because of that, they can connect without a 2FA code.

 

Can you check this status with your user? Which do you use a version of FortiAuthenticator?

 

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-How-to-resend-activation-codes-fo...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
1616
0 Kudos
jnascimento
New Contributor
In response to ozkanaltas

Created on ‎04-12-2024 01:58 PM

@ozkanaltas Thanks for your repply. Yes this is interesting point and I looks like a bug. I'm sure the users connect with the 2FA code, they cant connect without a 2FA code. Some users with tokens with pending status are reporting problems to authenticate by VPN but some others users with tokens with this status are reporting that it is working well. See pictures bellow for a better analisys.

 

Example of user that shows “pending” status and can make access normally.pngPing getting good results to main addresses of Fortinet. List of “pending” with more of 200 users and growing up.png

1594
0 Kudos
ndumaj
Staff
Staff

Created on ‎04-14-2024 02:11 AM

Hello @jnascimento,

What is FAC firmware version?
Is this a new setup?
Did it work before, or you faced this issue after any upgrade?

BR

- Happy to help, hit like and accept the solution -
1520
0 Kudos
fiesta
New Contributor III

Created on ‎03-09-2025 09:18 PM

Hey, is this solved? We happen to facing the same issue, the difference is, we unable to use it on SSL VPN, at 45% failed bounce back to beginning.

 

Login administrator to other fortinet device works fine with FAC token.

 

Notification of forticlient endpoint shows invalid username -7200 but we make sure there are no issue with configuration with by disabling the token on FAC.

FWD~
FWD~
105
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.