Good morning friends, a question.
I have changed equipment fortigate because the previous one was defective. When making the change, problems with fortitokens were validated. When the user has a fortitoken assigned, they cannot enter the VPN and on the other hand, users who do not have a normal token assigned can connect. Can you help me with this problem.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
First, have you gotten the token licenses transferred from the defecitve one to the new RMA replacement? It must be automatic but you can check if they're still there at the support site, Asset page.
If they're there, you need to reactivate the token license at the new unit. Then unfortunately all users need to go through the token activation process with the new unit again. I don't think there is a way around (hoping someone says "You're wrong!").
Toshi
Hello, yes, the license has already been transferred from the old device to the new fortigate.
Then would I have to upload the fortitoken license to the new fortigate again?
Created on 02-02-2024 05:22 PM Edited on 02-02-2024 05:23 PM
Yes. You don't see all tokens except the free demo tokens under User&Authentication->FortiTokens, right? If not there, you can't use them.
If you see all the fortiokens, they just seem to be corrupted. Since users with the token enabled cannot connect to the VPN client. Do you have any KB?
If you're seeing "Error" status in GUI or "set status lock" in CLI for some tokens, what you need to do is to delete those tokens first, then re-apply the license to clear them. It wouldn't affect to working ones.
That's what we were told by TAC when we had that problems, and it worked.
Toshi
Hello, can you share that KB with me. is this? https://community.fortinet.com/t5/FortiGate/Technical-Tip-FortiToken-register-and-provision-process-...
We never looked up any KB. Just opened a ticket at TAC and that's what we were told to do. It was quite intuitive as well for both deleting indivitual tokens (select and hit "Delete" button) and re-applying the license ("Create New" button).
Created on 02-06-2024 08:31 AM Edited on 02-06-2024 08:34 AM
ok. @hbac showed the KB describing the process of deleting/reactivating token in another thread today. It describes the step but no GUI references.
https://community.fortinet.com/t5/FortiGate/Technical-Note-Fix-Licensed-Mobile-Token-with-Error-Lock...
And this is the thread if you're interested.
https://community.fortinet.com/t5/Support-Forum/Unable-to-reactivate-a-mobile-Fortitoken/m-p/298042#...
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1713 | |
1093 | |
752 | |
447 | |
231 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.