Before push notifications can be enabled, a Public IP/FQDN for FortiToken Mobile must be configured in System > Administration > System Access.
If the FortiAuthenticator is behind a firewall, the public IP/FQDN will be an IP/port forwarding rule directed to one of the FortiAuthenticator interfaces.
The interface that receives the approve/deny FTM push responses must have the FortiToken Mobile API service enabled.
If FortiAuthenticator is not accessible to the Internet, you must create a VIP and policy on FortiGate in order for mobile push to work. The VIP must point from an external port to FortiAuthenticator at port 443.
Once configured, you can add your FortiToken.
- On the FortiAuthenticator, go to Authentication > User Management > FortiTokens, and select Create New.
- Set Token type to FortiToken Mobile, and enter the FortiToken Activation codes in the field provided.