Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
funkylicious
Contributor III

SSLVPN - FCT 2FA display message

Hello,

 

I was wondering if someone could shed some light on how the following can be achieved, if it can.

When 2FA is configured for users that are connecting to SSLVPN, that are either via RADIUS/FortiAuth/FortiToken or using a 3rd party OTP app, I noticed that you can change the banner message that is being displayed in FortiClient, specifically instead of the standard from below to a custom one:

 

Enter token code or no code to send a notification to your FortiToken Mobile

 

 

Can anyone point in the right direction on how to achieve this ? I searched in the Replacement Messages in FortiAuth and FortiGate, but couldnt find it.


Thank you.

geek
geek
1 Solution
funkylicious

Unfortunately for the other SSLVPN profile, I dont have access to anything related to the configuration, just to the one of my company.

I saw those replacement msgs, but none have that exact specific message that I see. I might try and delete the default tag and insert some custom text and see what happens in the RADIUS Challenge Reply-Message with FortiToken Mobile Push .

 

L.E. Yep, that did the trick. The custom text I've inserted was visibile in FortiClient upon connecting to the SSLVPN.

geek

View solution in original post

geek
14 REPLIES 14
dbu

Very nice! 

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
dbu
Staff
Staff

Hi @funkylicious ,

May be this can be done from FortiClient side ?  

Do you have a free VPN client or EMS license ?

 

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
funkylicious

Hi,

In my case, I use a free version of the client and have configured a SSL VPN connection which connects to a partner's FGT and which has 2FA with Google Authenticator and upon login that banner message in FortiClient is changed and it's being displayed in another language, other than EN and it's not the default one translated, while on other SSLVPN profile ( the one where I have RADIUS/FortiAuth and FTM ) I get the default message in EN.

geek
geek
dbu

Just to clarify my understanding : 
You are using same Forticlient to connect with two different profiles and in one of them you are seeing this other language ? If yes, it sounds like a custom client. 
On the other side i believe that the free VPN client is not customizable. 

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.
funkylicious

Yes, the same FortiClient version 7.0.7 I think have to double check, has 2 SSLVPN profiles configured.

1. my own company's SSLVPN with 2FA ( FTM ), for which I have access to FGT/FortiAuth and I have the standard message being displayed upon token request;

2. an external partner's SSLVPN with 2FA ( Google Authenticator or Authenticator what it's being called now ) which I dont know exactly what is configured behind it, that upon requesting the token to be typed it shows a different message

geek
geek
Labels
Top Kudoed Authors