Description
This article describes how to resolve an issue where the 2FA configuration with mobile Tokens is incomplete and the admin is logged out.
Scope
FortiGate.
Solution
The admin user is unable to login to FortiGate, as 2FA has been enabled but the admin user is logged out from GUI without activating the mobile Token on the mobile Token application.
As the 2FA has been enabled for the admin user while logged in to the unit, it will ask for a Token code along with the credentials.
However, because that mobile Token was not activated on the admin user mobile application, the admin will not have any Token code to enter and access the unit.
The following are possible solutions:
Furthermore, make sure that a config backup has been taken before enabling 2FA for admin user and, if possible create an additional super admin user for optimal insurance.
Related articles:
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.