Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
unknown1020
Contributor

Created on ‎01-11-2026 04:10 PM

email-based two-factor authentication

Friends, I have a question. I have a FortiGate 7.4.9. I need to enable two-factor authentication for a new SSL VPN user. This user is from Active Directory. However, when I go to the Authentication Type settings, the "email-based two-factor authentication" option isn't displayed. This is strange because I have several existing Active Directory users with this option enabled. I've searched online and it seems I can only enable it for local users, but I can't find a way to enable it for Active Directory users.

 

Screenshot_1.jpgCould you please help me?

 

Labels:
52
0 Kudos
2 REPLIES 2
AEK
SuperUser
SuperUser

Created on ‎01-12-2026 11:35 AM

Try from CLI.

config user local
  edit user1
    set two-factor email 
    email-to user1@domain.com
  next
end

Hope it helps.

AEK
AEK
13
0 Kudos
AEK
SuperUser
SuperUser
In response to AEK

Created on ‎01-12-2026 11:38 AM

And once you enable it on CLI it will be visible on the GUI (for that user).

AEK
AEK
12
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2026 Fortinet, Inc. All Rights Reserved.