Unlock Exclusive Benefits
Join Our Community Today!
Join our community and post in the forum to earn your exclusive Summer Badge! Become a member today!
LOGIN/REGISTER
CONTINUE AS A GUEST
- Support Forum
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Support Forum
- enable email 2FA for local users
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
enable email 2FA for local users
Hello everybody: I want to enable two-factor authentication but only for local users who use the forticlient to connect VPN (fortigate 60F).
I want to use email, I already have the email-server configured.
The option does not appear, so I have to configure the email-server.
This is my configuration:
show system email-server
config system email-server
set server "mail.emailexample.com.ar"
set port 26
set security smtps
end
According to the documentation:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Email-Two-Factor-Authentication-on-FortiGa...
There are two steps to complete this configuration:
Configure the SMTP server.
config system email-server
set reply-to {Sender_email_address}
set server {SMTP_server_FQDN/IP}
set port {SMTP_server_port_number}
set authenticate {enable | disable}
set username {username}
set password {password_string}
set security {none | starttls | smtps}
end
Create a user(s) with email two-factor enabled.
config user local
edit {username}
set type password
set two-factor email
set email-to {user_email_address}
set passwd {password}
next
end
config system admin
edit "admin"
set type password
set two-factor email
set email-to user_email_address
set passwd password
next
end
but I only want to enable it for local users, is it possible?
Thanks
Solved! Go to Solution.
Labels:
- Labels:
-
FortiClient
-
FortiGate
1 Solution
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello!
Yes, it is possible to enable email two-factor authentication specifically for local users on FortiGate. Here's how you can achieve this:
1. Configure the SMTP server:
```
config system email-server
set reply-to {sender_email_address}
set server {smtp_server_fqdn/ip}
set port {smtp_server_port_number}
set authenticate enable
set username {username}
set password {password_string}
set security smtps
end
```
2. Create a local user with email two-factor authentication enabled:
```
config user local
edit {username}
set type password
set two-factor email
set email-to {user_email_address}
set passwd {password}
next
end
```
By following these steps, you can enable email two-factor authentication for local users on your FortiGate device. This will ensure that only local users using FortiClient to connect to VPN will have email two-factor authentication enabled.
Best Regards!
Dhruvin Patel
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello!
Yes, it is possible to enable email two-factor authentication specifically for local users on FortiGate. Here's how you can achieve this:
1. Configure the SMTP server:
```
config system email-server
set reply-to {sender_email_address}
set server {smtp_server_fqdn/ip}
set port {smtp_server_port_number}
set authenticate enable
set username {username}
set password {password_string}
set security smtps
end
```
2. Create a local user with email two-factor authentication enabled:
```
config user local
edit {username}
set type password
set two-factor email
set email-to {user_email_address}
set passwd {password}
next
end
```
By following these steps, you can enable email two-factor authentication for local users on your FortiGate device. This will ensure that only local users using FortiClient to connect to VPN will have email two-factor authentication enabled.
Best Regards!
Dhruvin Patel
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Thanks for the answer!
I was able to enable two-factor authentication using email.
Best Regards!
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I'm glad it worked for you!
Dhruvin Patel
Labels
-
FortiGate
10,202 -
FortiClient
2,076 -
FortiManager
863 -
5.2
687 -
FortiAnalyzer
663 -
5.4
638 -
FortiSwitch
562 -
FortiAP
539 -
FortiClient EMS
529 -
6.0
416 -
IPsec
370 -
FortiMail
363 -
5.6
362 -
SSL-VPN
353 -
FortiNAC
260 -
6.2
251 -
Fortiweb
244 -
FortiAuthenticator v5.5
234 -
SD-WAN
178 -
FortiGuard
159 -
FortiAuthenticator
157 -
5.0
152 -
Firewall policy
130 -
6.4
128 -
FortiCloud Products
114 -
FortiGateCloud
112 -
FortiSIEM
110 -
FortiGate-VM
110 -
FortiToken
106 -
Wireless Controller
94 -
Customer Service
86 -
High Availability
80 -
FortiProxy
75 -
ZTNA
70 -
Routing
69 -
VLAN
69 -
Fortivoice
68 -
FortiEDR
68 -
DNS
67 -
FortiADC
64 -
SAML
64 -
BGP
62 -
Authentication
61 -
Certificate
58 -
radius
57 -
FortiSandbox
53 -
FortiLink
52 -
LDAP
52 -
FortiExtender
51 -
SSO
51 -
NAT
50 -
4.0MR3
49 -
FortiDNS
43 -
VDOM
41 -
Interface
40 -
Application control
40 -
Logging
39 -
FortiGate v5.4
38 -
FortiSwitch v6.4
38 -
Virtual IP
37 -
FortiConnect
34 -
Web profile
34 -
FortiPAM
32 -
FortiWAN
31 -
SSL SSH inspection
31 -
FortiConverter
28 -
FortiGate v5.2
27 -
Automation
27 -
Static route
25 -
Traffic shaping
24 -
SSID
24 -
FortiSwitch v6.2
23 -
FortiPortal
23 -
FortiGate Cloud
22 -
SNMP
22 -
API
22 -
System settings
22 -
WAN optimization
20 -
FortiMonitor
19 -
OSPF
19 -
Security profile
17 -
Web application firewall profile
17 -
FortiDDoS
16 -
FortiAP profile
16 -
Web rating
16 -
IP address management - IPAM
16 -
FortiSOAR
15 -
Admin
15 -
Proxy policy
15 -
FortiGate v5.0
14 -
FortiCASB
14 -
IPS signature
14 -
Explicit proxy
13 -
Intrusion prevention
13 -
FortiManager v4.0
12 -
NAC policy
12 -
Traffic shaping policy
12 -
FortiManager v5.0
11 -
FortiRecorder
11 -
RMA Information and Announcements
11 -
DNS filter
11 -
Fabric connector
11 -
Port policy
11 -
FortiAnalyzer v5.0
10 -
FortiWeb v5.0
10 -
FortiBridge
10 -
Trunk
10 -
Users
10 -
Traffic shaping profile
10 -
Fortinet Engage Partner Program
10 -
FortiGate v4.0 MR3
9 -
FortiDeceptor
9 -
Antivirus profile
9 -
FortiCache
8 -
FortiToken Cloud
8 -
Authentication rule and scheme
8 -
4.0
7 -
4.0MR2
7 -
Packet capture
7 -
Application signature
7 -
Vulnerability Management
7 -
FortiScan
6 -
DoS policy
6 -
VoIP profile
6 -
FortiCarrier
5 -
FortiNDR
5 -
FortiTester
5 -
DLP profile
5 -
DLP sensor
5 -
Email filter profile
5 -
Protocol option
5 -
Cloud Management Security
5 -
3.6
4 -
FortiHypervisor
4 -
FortiDirector
4 -
Internet service database
4 -
DLP Dictionary
4 -
File filter
4 -
Netflow
4 -
TACACS
4 -
Replacement messages
4 -
SDN connector
4 -
Service
4 -
Multicast routing
4 -
FortiDB
3 -
Kerberos
3 -
Multicast policy
3 -
FortiInsight
2 -
FortiAI
2 -
Video Filter
2 -
Schedule
2 -
ICAP profile
2 -
Zone
2 -
FortiEdge Cloud
2 -
FortiGuest
2 -
4.0MR1
1 -
FortiManager-VM
1 -
FortiCWP
1 -
Subscription Renewal Policy
1 -
Virtual wire pair
1 -
Lacework
1 -
FortiEdge
1 -
FortiAIOps
1
Top Kudoed Authors
| User | Count |
|---|---|
| 2428 | |
| 1303 | |
| 778 | |
| 556 | |
| 455 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.