Through the cli, I know the way to use email as second factor authentication for a user, but I wonder if there is a kind of limit for this feature. Is there a limit for licences for local users with email as 2FA?
Also, another question, I think 2FA for VPN clients is only available for FortiClient VPNs (IPsec or SSL), right?
I think I can not tell Windows or any other OS to ask me the second factor of authentication. We have here a L2TP/IPsec VPN, which works in native clients, we prefer do not use FortiClient but I think we will need this.