Activate FGT VDOMs for FTC service

In order for your FortiGate users to take advantage of the MFA feature provided by FortiToken Cloud, you must make sure that FTC service is enabled on the FortiGate device.

Because FortiToken Cloud requires FOS 6.2.3 or FOS 6.4.0 which has FortiToken Cloud service enabled by default, you normally do not need to manually enable FTC on your FGT running FOS 6.2.3. However, if for some reason, FTC is not enabled on the FortiGate, you must manually enable it to proceed.

Only an FGT global admin user can activate FTC service on a per-FGT device basis, not by specific VDOMs.

To activate FGT VDOMs for FTC service:

FortiGate-VM64 # config global
FortiGate-VM64 (global) # config system global
FortiGate-VM64 (global) # set fortitoken-cloud enable
FortiGate-VM64 (global) # end

set fortitoken-cloud enable is a "local" command and does not trigger communication with the FTC server. It simply enables FGT VDOM admin users to manage FTC users locally using the FGT CLI.

Activate FGT VDOMs for FTC service

In order for your FortiGate users to take advantage of the MFA feature provided by FortiToken Cloud, you must make sure that FTC service is enabled on the FortiGate device.

Only an FGT global admin user can activate FTC service on a per-FGT device basis, not by specific VDOMs.

To activate FGT VDOMs for FTC service:

FortiGate-VM64 # config global FortiGate-VM64 (global) # config system global FortiGate-VM64 (global) # set fortitoken-cloud enable FortiGate-VM64 (global) # end

set fortitoken-cloud enable is a "local" command and does not trigger communication with the FTC server. It simply enables FGT VDOM admin users to manage FTC users locally using the FGT CLI.

Admin Guide

Activate FGT VDOMs for FTC service

Activate FGT VDOMs for FTC service

To activate FGT VDOMs for FTC service:

Activate FGT VDOMs for FTC service

To activate FGT VDOMs for FTC service: