FTM push notification not working from branch office network
We enabled FTM push notification for Fortitoken and it works fine if user's mobile is on 4G. However, when connected to wifi (which uses local branch fortigate) the approval request does not reach to FortiAuth server.
What changes do we have to make to each site's fortigate to allow push notification approval.
Push Notification to phones come via Apple or Google. But "Deny" or "Approve" from the phones directly goes to FortiAuthenticator(FAC)'s public IP at TCP 443. Check (sniff&flow debug) at the branch FGT if the traffic is flowing (likely blocked there) toward the FAC.
We found the issue. The push notification was going through ADVPN due to BGP configuration. We did a test by creating policy to redirect traffic through internet and it worked. So we just need to remove the public ip of FTM from the BGP config from Fortigate.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.