- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
two-factor authentication for users
I am trying to create 2 factor autentication for my vpn users.
why am I asked to select a token when i ticked the Enable two-factor authentication checkbox?
how does the token works ?
Nominate a Forum Post for Knowledge Article Creation
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
if you select token than you will be prompt for token, your other choices are SMS and email.
ken
PCNSE
NSE
StrongSwan
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
when I create new user account, if I select 2 factor authentication, straight away I am prompted to select the token.
tested in the new user and create new admin UI.
how do I avoid the token from being selected.
my firmware version is 5.2.2
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Don´t tick the two-factor auth box.
You can enable two-factor after the user is created.
To enable email or sms you must use the cli.
i.e
config user local edit <user_name> set email-to <user_email> set two-factor email end
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
the email token works.
what if I need to use sms instead of email now?
do I have to subscribe to the fortigate messaging service or use my own sms provider ??
for the commands
set sms-custom-server, what do i key in ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
how does the 2 factor authentication email works for ipsec users?
i have some users using macbook to login using ipsec.
there is not option for me to enter the 6 digit token code, although i did received the email containing the code.
so far we tested, it only works for ssl-vpn with forticlient.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
https://www.logintc.com/docs/connectors/fortinet.html
In your use case, the LoginTC token is created in the LoginTC app installed in the user’s smartphone during a LoginTC registration. The LoginTC token is the credential that delivers the two factor authentication assurance during a VPN session.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
have setup two-factor authentication with email.
noticed that some users will get authentication failure on their mobile devices but no issues if they use their windows forticlient.
is it due to fw polices or vpn settings ??
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hossa,
global / config / advanced --> then configure email!
Rafael
thanks in advanced Rafael