FortiToken configuration
Below is an example of how FortiToken configuration can be managed on FortiManager.
To configure FortiToken objects for FortiToken management:
-
Ensure you are in the correct ADOM.
-
Go to Policy & Objects > User & Authentication > FortiTokens
-
Click Create New.
-
Enter the FortiToken serial numbers and click OK.
Alternatively, you may import FortiTokens from a FortiGate using the following methods:
-
Import FortiTokens like any other objects. See Importing policies and objects. Use Import all objects to import FortiTokens that are not yet assigned to a user.
-
Import FortiTokens from a FortiGate using a text file as follows:
-
Create a text file containing the FortiToken serial numbers, one per line.
Note: these FortiTokens must already be registered on an attached FortiGate.
-
In FortiManager, go to Policy & Objects > User & Authentication > FortiTokens > Import and upload the text file.
-
-
Upload a FortiToken seed file (.ftk) through Policy & Objects > User & Authentication > FortiTokens > Import.
Hardware FortiTokens may be added directly to FortiManager and then distributed to FortiGates.
For more information about adding hardware tokens, see Setting up FortiToken Hardware in the FortiToken Comprehensive Guide.
-
-
Go to User & Authentication > User Definition to create a new user.
-
When creating the new user, select FortiToken, and then select the FortiToken from the dropdown menu.
-
Go to User & Authentication > User Groups, create a new user group, and add the previously created user to this group.
-
Install a policy package to the FortiGate, as described in Install a policy package.
-
On the FortiGate, select User > FortiToken. Select one of the newly created FortiTokens, then select OK to activate the FortiToken.
When your setup requires that FortiToken is added to multiple managed FortiGate devices, FortiAuthenticator can be used in your configuration to manage two-factor authentication across devices. See FortiAuthenticator in the Fortinet Document Library. |
FortiToken Mobile tokens must be registered on FortiGate or FortiAuthenticator before importing into FortiManager. See Registering and provisioning FortiToken Mobile tokens in the FortiToken Comprehensive Guide. |