Fortinet black logo

Administration Guide

Home FortiProxy 7.2.0 Administration Guide
7.2.0
7.4.3
7.4.2
7.4.1
7.4.0
7.2.10
7.2.9
7.2.8
7.2.7
7.2.0
7.0.17
7.0.0
2.0.0
1.2.0
1.1.0
1.0.0

FortiToken maintenance

FortiToken maintenance

After FortiTokens are entered into the FortiProxy unit, there are only two tasks to maintain them—changing the status and synchronizing them if they drift.

To change the status of a FortiToken between Activated and Locked using the CLI:

config user fortitoken

edit <token_serial_num>

set status lock

next

end

Any user attempting to login using this FortiToken will not be able to authenticate.

To list the drift on all FortiTokens configured on this FortiProxy unit using the CLI:

# diag fortitoken info

FORTITOKEN DRIFT STATUS

FTK2000BHV1KRZCC 0 token already activated, and seed won't be returned

FTK2001C5YCRRVEE 0 token already activated, and seed won't be returned

FTKMOB4B94972FBA 0 provisioned

FTKMOB4BA4BE9B84 0 new

Total activated token: 0

Total global activated token: 0

Token server status: reachable

This command lists the serial number and drift for each FortiToken configured on this FortiProxy unit. This command is useful to check if it is necessary to synchronize the FortiProxy unit with any particular FortiTokens.

Previous
Next

FortiToken maintenance

After FortiTokens are entered into the FortiProxy unit, there are only two tasks to maintain them—changing the status and synchronizing them if they drift.

To change the status of a FortiToken between Activated and Locked using the CLI:

config user fortitoken

edit <token_serial_num>

set status lock

next

end

Any user attempting to login using this FortiToken will not be able to authenticate.

To list the drift on all FortiTokens configured on this FortiProxy unit using the CLI:

# diag fortitoken info

FORTITOKEN DRIFT STATUS

FTK2000BHV1KRZCC 0 token already activated, and seed won't be returned

FTK2001C5YCRRVEE 0 token already activated, and seed won't be returned

FTKMOB4B94972FBA 0 provisioned

FTKMOB4BA4BE9B84 0 new

Total activated token: 0

Total global activated token: 0

Token server status: reachable

This command lists the serial number and drift for each FortiToken configured on this FortiProxy unit. This command is useful to check if it is necessary to synchronize the FortiProxy unit with any particular FortiTokens.

Previous
Next