Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
marijasmlvc
New Contributor

Fortigate MFA SMS

Hello everyone,

I am pretty new to Fortinet community and I need some help regarding the activation of MFA SMS functionality on Fortigate 60F 7.2.9. :)

If I understood correctly, we have 2 options: getting a FortiGuard Messaging license or getting a 3rd party provider SMS gateway. Either way, the documentation says I need to configure SMTP server.

Is it necessary to go through SMTP server, that is to go through email2sms or can I just go directly and define my custom sms-server (provider's domain) and sms-phone to which I want the OTP to be sent and if it is necessary why is that if it's not too much of a trouble explaining?

1 Solution
pminarik
Staff
Staff

If you decide to use FortiGuard, you don't need to configure any email/sms server. The message is delivered by the Fortigate to FortiGuard via API, and then later in the chain sent as an regular SMS. But you need to buy the license to get SMS credits.

 

For third party, you need a valid email-server configured, and an sms server configured. The delivery is done in a non-configurable way, as an email sent to <phone number>@<server-name>, with <server-name> configured in "config system sms-server". It is up to the mail-to-sms gateway to understand this and translate it to a regular SMS.

[ corrections always welcome ]

View solution in original post

5 REPLIES 5
AEK
SuperUser
SuperUser

Hello

I'm not sure if I understand well your question, but on FortiGate you need to define a SMTP server for SMS gateway

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SMS-Two-Factor-Authentication-...

While on FortiAuthenticator it supports SMTP, HTTP and HTTPS with more elaborated customization.

AEK
AEK
rahul_p1
Staff
Staff

Hello,

Please refer to these kb articles for SMS OTP for two-factor authentication:- https://community.fortinet.com/t5/FortiGate/Technical-Tip-Configuring-SMS-Two-Factor-Authentication-...

 

https://community.fortinet.com/t5/FortiAuthenticator/Technical-Tip-General-SMS-Gateway-configuration...

 

Please go through these articles this will give you more elaborated details.

 

Please let us know if you have any queries.

Thanks

pminarik
Staff
Staff

If you decide to use FortiGuard, you don't need to configure any email/sms server. The message is delivered by the Fortigate to FortiGuard via API, and then later in the chain sent as an regular SMS. But you need to buy the license to get SMS credits.

 

For third party, you need a valid email-server configured, and an sms server configured. The delivery is done in a non-configurable way, as an email sent to <phone number>@<server-name>, with <server-name> configured in "config system sms-server". It is up to the mail-to-sms gateway to understand this and translate it to a regular SMS.

[ corrections always welcome ]
marijasmlvc
New Contributor

Thank you all for your help and replies. :)

bridgettewah
New Contributor

You’re correct about the two options for SMS functionality. Using a FortiGuard Messaging license is straightforward, but if you want to use a third-party SMS gateway, you can usually bypass the SMTP route.

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors