Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Riggie
New Contributor III

Server unreachable error when user approves FortiToken on phone, new token temporarily solves this.

Hello,

 

We experience a weird issue with some of our users. We use FortiToken to enable 2FA, but sometimes user get a 'server unreachable' error message when approving their login attempt. Our FortiGate is available, and we're able to connect to it without any problems.

Whenever we remove the current FortiToken and re-invite the user (by scanning a new QR code) the problem is temporarily resolved.

 

Does anyone experience the same and/or does anyone know how to solve this?

We're have a FortiGate 100F running firmware 7.2.5 1517.

13 REPLIES 13
Riggie
New Contributor III

Not sure if it's a coincidence, but we tried to authorize through the OTP (6 digit code) and it seemed to work perfectly.

Riggie
New Contributor III

Just wanted to share this doesn't seem to be the cause for all users. We do have some users who are not able to bypass this error by using the OTP.

mle2802
Staff
Staff

Hi @Riggie,

Can you try to refer to this article and see if you can found any error "https://community.fortinet.com/t5/FortiGate/Technical-Tip-Token-server-status-unreachable-appears-un...

Regards,
Minh

Riggie
New Contributor III

Thanks for the reply. As far as I can see this is for hardware tokens? We're using Software tokens through the FortiToken app on Android.

Edit: The token registered with our users do show they are activated. They are also able to use the FortiToken for a while, but after a random amount of time they get the 'server unavailable' error.

pavankr5
Staff
Staff

Hello, 

 

When the issue is occurring I would suggest you to run the debug command in this article to investigate it further.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Token-server-status-unreachable-appears-un...

Thanks,
Pavan

Riggie
New Contributor III

Hello,

Thanks for your reply. As far as I can see your link shows some troubleshooting steps for a hardware token. We're only using software tokens, those are approved through the FortiToken Android app.

Edit: The token registered with our users do show they are activated. They are also able to use the FortiToken for a while, but after a random amount of time they get the 'server unavailable' error.

FortiNet_Newb
Contributor

We are experiencing the exact same issue in our environment.  We have a FortiGate 101F running 7.2.6.  Thankfully for the users who are affected, they are able to manually enter the 6 digit code from the FortiToken Mobile App to authenticate.  We had been reassigning new tokens to get around it, and it worked for a few users, but now that no longer works.  Seems like once a token has been assigned to anyone previously it will no longer be able to connect to the authentication server if you reassign it to someone else, even though the token status indicates all is OK.

 

To be clear, the token provisioning process is working fine, the token status successfully moves from Available -> Pending -> Assigned.  The mobile device successfully activates the new token and receives mobile push notifications, but trying to accept the push request fails with the "server unreachable" error on the mobile device.  Manually entering the 6 digit token code works.

PurpleShirt
New Contributor III

Has anyone found a solution or cause of this issue? Two of my users are experiencing this, with another one having had this issue once but when trying to log in again it then worked. The two others have the issue all the time and have to enter the code manually. 

 

We're on 7.0.12 and the FortiToken Mobile App is on the latest version.

Riggie
New Contributor III

Unfortunately no answer yet. The received troubleshooting steps are for hardware tokens while we only use software tokens. Hopefully we receive an answer soon!

Top Kudoed Authors