Hi guys!
Here in the company we have 12 firewalls and we authenticate with a security code in the emails, which was configured by CLI. But thinking about security, how could we configure this authentication configured in the CLI to send the code with the device name in the email title or body?
Because sometimes we have technicians connected to several firewalls and we don't know which one is that code.
Kind regards
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
It doesn't appear to be something that can be edited. What about moving to FortiToken? That way you can just use push notifications and automatically approve access without entering codes...
Hi,
you could configure on each Fortigate reply-to value to be representative of each FGT. This way your technicians will get emails from different senders for each Fortigate.
E.g. FGT Atlanta:
config system email-server
set reply-to "atlanta@yurisk.com"
set server "aspmx.l.google.com"
end
Now FGT in Tokyo:
config system email-server
set reply-to "tokyo@yurisk.com"
set server "aspmx.l.google.com"
end
This way when logging in FGT Atlanta, the technician would get token from atlanta@yurisk.com, while when logging into Tokyo, she would get an email from tokyo@yurisk.com.
I guess that would be enough of a differentiator.
Regarding using mobile Fortitokens - each such FTM can be associated with only 1 Fortigate, so to have FTM for logging in 12 FGTs, you would need Fortiauthenticator.
HTH.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1696 | |
1091 | |
752 | |
446 | |
228 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.