Fortinet black logo

Cookbook

FortiToken maintenance

Copy Link
Copy Doc ID fed12558-14f5-11e9-b86b-00505692583a:993411
Download PDF
To change a FortiToken's status:

config user fortitoken

edit <token_serial_num>

set status <active | lock>

next

end

A user who attempts to log in using a locked FortiToken cannot authenticate.

To list the drift on all configured FortiTokens:

diagnose fortitoken info

FORTITOKEN DRIFT STATUS

FTK2000BHV1KRZCC 0 token already activated, and seed won't be returned

FTK2001C5YCRRVEE 0 token already activated, and seed won't be returned

FTKMOB4B94972FBA 0 provisioned

FTKMOB4BA4BE9B84 0 new

Total activated token: 0

Total global activated token: 0

Token server status: reachable

This command lists the serial number and drift for each configured FortiToken. You can check if it is necessary to synchronize the FortiGate and any particular FortiTokens.

To change a FortiToken's status:

config user fortitoken

edit <token_serial_num>

set status <active | lock>

next

end

A user who attempts to log in using a locked FortiToken cannot authenticate.

To list the drift on all configured FortiTokens:

diagnose fortitoken info

FORTITOKEN DRIFT STATUS

FTK2000BHV1KRZCC 0 token already activated, and seed won't be returned

FTK2001C5YCRRVEE 0 token already activated, and seed won't be returned

FTKMOB4B94972FBA 0 provisioned

FTKMOB4BA4BE9B84 0 new

Total activated token: 0

Total global activated token: 0

Token server status: reachable

This command lists the serial number and drift for each configured FortiToken. You can check if it is necessary to synchronize the FortiGate and any particular FortiTokens.