Good morning!
I have problems with connecting 2fa vpn. I have IPSEC tunnel vpn. If I connect vpn with 2fa it dies immediately and does not even allow me to enter a password. But if I turn off 2fa, everything works fine.
I used this
config user local edit "epass" set type password set two-factor email set email-to "manny@infosecmonkey.org" set passwd SuperSecretPassword next end
mail server is
config system email-server set server "notification.fortinet.net" set port 465 set security smtps end
and thats all
Hello @ikhtiyor
Have you checked this technical document ?
regards,
Sheikh
hello @Sheikh
Yes I read that
My VPN works if I off 2FA email
I'm running into almost this exact issue as well. Non-2FA accounts work fine, but the 2FA enabled ones ask for the password and then show as "connecting" for a long time on the client, never actually connecting.
config vpn ipsec phase1-interface
edit "IPsecVPN-Home"
set type dynamic
set interface "wan"
set ike-version 2
set peertype any
set net-device disable
set mode-cfg enable
set ipv4-dns-server1 10.0.0.11
set proposal aes256-sha256
set comments "VPN: IPsecVPN-Home -- Created by VPN wizard"
set eap enable
set eap-identity send-request
set wizard-type dialup-forticlient
set authusrgrp "Firewall VPN Users"
set transport udp
set ipv4-start-ip 10.0.16.1
set ipv4-end-ip 10.0.16.10
set save-password enable
set client-auto-negotiate enable
set client-keep-alive enable
set psksecret ENC BLAH
next
end
config vpn ipsec phase2-interface
edit "IPsecVPN-Home"
set phase1name "IPsecVPN-Home"
set proposal aes256-sha256
set comments "VPN: IPsecVPN-Home -- Created by VPN wizard"
next
end
User | Count |
---|---|
2551 | |
1356 | |
795 | |
646 | |
455 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2025 Fortinet, Inc. All Rights Reserved.