Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
joshiamarpreet
New Contributor III

Configure FortiGate SSL VPN with Free FortiToken

 

Network Configuration

WAN IP: 1.1.1.1/32

Internal IP: 10.0.0.4/24

SSLVPN Tunnel range: 10.112.1.0 - 10.112.1.254

To Add newly bought Tokens to FortiGate: -

  1. In User > FortiToken > Create New > enter the serial number of the FortiToken and click on ‘+’ symbol, and click OK.
  1. By default, we get Two FortiTokens available with the FortiGate in place.

joshiamarpreet_1-1659511275042.png

 

 

  1. Enable FortiToken on user: -

joshiamarpreet_2-1659511275049.png

 

 

Enable the Two factor authentication, and select the FortiToken serial number which has already been created.

Select Email and provide Email Address for one time FortiToken Application setup

 

 

joshiamarpreet_3-1659511275057.png

 

 

 

joshiamarpreet_5-1659511275083.png

 

Scanning the QR Code via Mobile App (FortiToken Application) Downloaded

joshiamarpreet_6-1659511275084.png

joshiamarpreet_4-1659511275070.png

joshiamarpreet_7-1659511275089.png

 

 

 

Edit WAN interface from where SSL VPN setup is done. Enable FTM for FortiToken Mobile Authentication.

joshiamarpreet_8-1659511275098.png

 

 

Testing

Open FortiClient and Select VPN Profile along with username and password followed with OTP.

 

 

joshiamarpreet_0-1659511644370.png

 

joshiamarpreet - Still Hungry | Still Foolish
joshiamarpreet - Still Hungry | Still Foolish
2 REPLIES 2
xsilver_FTNT
Staff
Staff

Hi @joshiamarpreet ,

 

is there any problem with this config, or is this supposed to be some KB article for the others enhancing what is said on https://docs.fortinet.com/document/fortigate/7.2.0/administration-guide/183204/ssl-vpn-with-fortitok... with your screenshots ?

 

Tomas Stribrny - NASDAQ:FTNT - Fortinet Inc. - TAC Staff Engineer
AAA, MFA, VoIP and other Fortinet stuff

joshiamarpreet
New Contributor III

Dear @xsilver_FTNT ,

Could not understand the statement can you elaborate please. 
The one posted by me above is on 2 free tokens we get with every box we buy and how to enable it on ssl vpn users with full use test case. 
Also if required post above configuration, customers/ users can buy additional tokens and add them to FortiGate and perform same steps to attach them to remaining users. 

The link shared by you is again for SSL VPN users but with push functionality where end user needs to approve/ decline as per the push notification received on endpoint mobile device. 

joshiamarpreet - Still Hungry | Still Foolish
joshiamarpreet - Still Hungry | Still Foolish
Labels
Top Kudoed Authors