Subject: Issue with MFA Integration between FortiAuthenticator and FortiOS

N_W · ‎10-10-2024

Hello,
I am currently using FortiAuthenticator version 6.4.9. Additionally, my firewall is running FortiOS version 7.2.9, and based on the documentation I reviewed, these versions are compatible with each other. However, I am facing the following issue:
I have completed the integration between FortiAuthenticator and the firewall, and all necessary configurations have been made. On the first attempt, the user I want to apply MFA to receives the email without any problems. But on subsequent attempts, the user can log in directly without being prompted for a token, and then the email is sent. The logs in FortiAuthenticator show an OK log indicating that the email was sent, but the user is logged in without seeing the token entry screen.
Could this be a bug related to the version, or is it possible that I have missed something in the configuration? If this is a bug, it is not mentioned in the "Known Issues" section of the release notes.
Best regards

N_W · ‎10-10-2024

Additionally, I would like to inform you that despite upgrading from version 6.4.9 to version 6.5.5, it is still not working

AEK · ‎10-10-2024

Hi N_W

Is it about admin login on FG WebUI or VPN or portal or other?

AEK

N_W · ‎10-17-2024

Hello, thank you for your interest. I resolved my issue with the help of Fortinet engineers. The mistake I made was that the user had LDAP information both on the firewall and locally. When I completely removed the user, it started asking for a token because it could only respond to requests through authentication

Subject: Issue with MFA Integration between FortiAuthenticator and FortiOS

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website