Fortinet black logo

Administration Guide

FortiToken configuration example

FortiToken configuration example

To configure FortiToken objects for FortiToken management:
  1. Ensure you are in the correct ADOM.
  2. Go to Policy & Objects > Object Configurations.
  3. Go to User & Device > FortiTokens.
  4. Click Create New.
  5. Type the serial number or serial numbers of the FortiToken unit or units and click OK. Up to ten serial numbers can be entered.

    Note

    Alternatively, you may import FortiTokens from a FortiGate using the following methods:

    • Import FortiTokens like any other objects. See Import policy wizard. Use Import all objects to import FortiTokens that are not yet assigned to a user.

    • Import FortiTokens from a FortiGate using a text file as follows:

      1. Create a text file containing the FortiToken serial numbers, one per line.

        Note: these FortiTokens must already be registered on an attached FortiGate.

      2. In FortiManager, go to Policy & Objects > Object Configurations > User & Authentication > FortiTokens > Import and upload the text file.

    • Hardware FortiTokens may be added directly to FortiManager and then distributed to FortiGates.

    • For more information about adding hardware tokens, see Setting up FortiToken Hardware in the FortiToken Comprehensive Guide.

  6. Go to User & Device > User Definition to create a new user.
  7. When creating the new user, select FortiToken, and then select the FortiToken from the dropdown menu.
  8. Go to User & Device > User Groups, create a new user group, and add the previously created user to this group.
  9. Install a policy package to the FortiGate, as described in Install a policy package.
  10. On the FortiGate, select User > FortiToken. Select one of the newly created FortiTokens, then select OK to activate the FortiToken unit.
Note

When it is required that FortiToken is added to multiple managed FortiGate devices, FortiAuthenticator can be used in your configuration to manage two-factor authentication across devices. See FortiAuthenticator in the Fortinet Document Library.

Note

FortiToken Mobile tokens must be registered on FortiGate or FortiAuthenticator before importing into FortiManager. See Registering and provisioning FortiToken Mobile tokens in the FortiToken Comprehensive Guide.

FortiToken configuration example

To configure FortiToken objects for FortiToken management:
  1. Ensure you are in the correct ADOM.
  2. Go to Policy & Objects > Object Configurations.
  3. Go to User & Device > FortiTokens.
  4. Click Create New.
  5. Type the serial number or serial numbers of the FortiToken unit or units and click OK. Up to ten serial numbers can be entered.

    Note

    Alternatively, you may import FortiTokens from a FortiGate using the following methods:

    • Import FortiTokens like any other objects. See Import policy wizard. Use Import all objects to import FortiTokens that are not yet assigned to a user.

    • Import FortiTokens from a FortiGate using a text file as follows:

      1. Create a text file containing the FortiToken serial numbers, one per line.

        Note: these FortiTokens must already be registered on an attached FortiGate.

      2. In FortiManager, go to Policy & Objects > Object Configurations > User & Authentication > FortiTokens > Import and upload the text file.

    • Hardware FortiTokens may be added directly to FortiManager and then distributed to FortiGates.

    • For more information about adding hardware tokens, see Setting up FortiToken Hardware in the FortiToken Comprehensive Guide.

  6. Go to User & Device > User Definition to create a new user.
  7. When creating the new user, select FortiToken, and then select the FortiToken from the dropdown menu.
  8. Go to User & Device > User Groups, create a new user group, and add the previously created user to this group.
  9. Install a policy package to the FortiGate, as described in Install a policy package.
  10. On the FortiGate, select User > FortiToken. Select one of the newly created FortiTokens, then select OK to activate the FortiToken unit.
Note

When it is required that FortiToken is added to multiple managed FortiGate devices, FortiAuthenticator can be used in your configuration to manage two-factor authentication across devices. See FortiAuthenticator in the Fortinet Document Library.

Note

FortiToken Mobile tokens must be registered on FortiGate or FortiAuthenticator before importing into FortiManager. See Registering and provisioning FortiToken Mobile tokens in the FortiToken Comprehensive Guide.