Hello,
We experience a weird issue with some of our users. We use FortiToken to enable 2FA, but sometimes user get a 'server unreachable' error message when approving their login attempt. Our FortiGate is available, and we're able to connect to it without any problems.
Whenever we remove the current FortiToken and re-invite the user (by scanning a new QR code) the problem is temporarily resolved.
Does anyone experience the same and/or does anyone know how to solve this?
We're have a FortiGate 100F running firmware 7.2.5 1517.
Not sure if it's a coincidence, but we tried to authorize through the OTP (6 digit code) and it seemed to work perfectly.
Just wanted to share this doesn't seem to be the cause for all users. We do have some users who are not able to bypass this error by using the OTP.
Hi @Riggie,
Can you try to refer to this article and see if you can found any error "https://community.fortinet.com/t5/FortiGate/Technical-Tip-Token-server-status-unreachable-appears-un...
Regards,
Minh
Created on 11-06-2023 07:29 AM Edited on 11-06-2023 07:32 AM
Thanks for the reply. As far as I can see this is for hardware tokens? We're using Software tokens through the FortiToken app on Android.
Edit: The token registered with our users do show they are activated. They are also able to use the FortiToken for a while, but after a random amount of time they get the 'server unavailable' error.
Hello,
When the issue is occurring I would suggest you to run the debug command in this article to investigate it further.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Token-server-status-unreachable-appears-un...
Thanks,
Pavan
Created on 11-06-2023 07:30 AM Edited on 11-06-2023 07:32 AM
Hello,
Thanks for your reply. As far as I can see your link shows some troubleshooting steps for a hardware token. We're only using software tokens, those are approved through the FortiToken Android app.
Edit: The token registered with our users do show they are activated. They are also able to use the FortiToken for a while, but after a random amount of time they get the 'server unavailable' error.
We are experiencing the exact same issue in our environment. We have a FortiGate 101F running 7.2.6. Thankfully for the users who are affected, they are able to manually enter the 6 digit code from the FortiToken Mobile App to authenticate. We had been reassigning new tokens to get around it, and it worked for a few users, but now that no longer works. Seems like once a token has been assigned to anyone previously it will no longer be able to connect to the authentication server if you reassign it to someone else, even though the token status indicates all is OK.
To be clear, the token provisioning process is working fine, the token status successfully moves from Available -> Pending -> Assigned. The mobile device successfully activates the new token and receives mobile push notifications, but trying to accept the push request fails with the "server unreachable" error on the mobile device. Manually entering the 6 digit token code works.
Has anyone found a solution or cause of this issue? Two of my users are experiencing this, with another one having had this issue once but when trying to log in again it then worked. The two others have the issue all the time and have to enter the code manually.
We're on 7.0.12 and the FortiToken Mobile App is on the latest version.
Unfortunately no answer yet. The received troubleshooting steps are for hardware tokens while we only use software tokens. Hopefully we receive an answer soon!
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1738 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.