Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
jnascimento
New Contributor

Created on ‎04-12-2024 11:00 AM Edited on ‎04-12-2024 01:55 PM

Fortiauthenticator shows tokens with pending status. Some users reports problem to use token and vpn

FortiAuthenticator is showing a lots of Fortitokens with pending status. Some users with tokens with this status are reporting problems to authenticate by VPN and some others users with tokens with this status are reporting that it is working well. The same actual today's configuration worked in the past and we don't have new configuration and with no changes in the IT infrastructure. See pictures bellow for a better analisys.

Does anyone here have any experience solving a similar problem?

 

Example of user that shows “pending” status and can make access normally.pngPing getting good results to main addresses of Fortinet. List of “pending” with more of 200 users and growing up.png

202
0 Kudos
3 REPLIES 3
ozkanaltas
Contributor III

Created on ‎04-12-2024 11:28 AM

Hello @jnascimento ,

 

In normal times pending status is shown by FortiAuthenticator when the user does not activate their token.  But you say, some user tokens show pending but they can connect to vpn with 2FA. It's an interesting point.

 

Are you sure, they connect with the 2FA code? Maybe in the radius rule you missed configuring force to 2FA. Because of that, they can connect without a 2FA code.

 

Can you check this status with your user? Which do you use a version of FortiAuthenticator?

 

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-How-to-resend-activation-codes-fo...

If you have found a solution, please like and accept it to make it easily accessible to others.
NSE 4-5-6-7 OT Sec - ENT FW
If you have found a solution, please like and accept it to make it easily accessible to others.NSE 4-5-6-7 OT Sec - ENT FW
191
0 Kudos
jnascimento
New Contributor
In response to ozkanaltas

Created on ‎04-12-2024 01:58 PM

@ozkanaltas Thanks for your repply. Yes this is interesting point and I looks like a bug. I'm sure the users connect with the 2FA code, they cant connect without a 2FA code. Some users with tokens with pending status are reporting problems to authenticate by VPN but some others users with tokens with this status are reporting that it is working well. See pictures bellow for a better analisys.

 

Example of user that shows “pending” status and can make access normally.pngPing getting good results to main addresses of Fortinet. List of “pending” with more of 200 users and growing up.png

169
0 Kudos
ndumaj
Staff
Staff

Created on ‎04-14-2024 02:11 AM

Hello @jnascimento,

What is FAC firmware version?
Is this a new setup?
Did it work before, or you faced this issue after any upgrade?

BR

- Happy to help, hit like and accept the solution -
95
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.