Description
FortiGate with no valid SMS quota can cause login issues when SMS two factor authentication is accidentally enabled in FortiGate’s admin account.
This article describes an alternative method to obtain admin account’s SMS two factor authentication activation code.
Solution
1) Access to the FortiGate via console cable.
2) In CLI console, execute following commands:
4) Similar output on the console with FortiToken activation code being sent out will be visible:
FortiGate with no valid SMS quota can cause login issues when SMS two factor authentication is accidentally enabled in FortiGate’s admin account.
This article describes an alternative method to obtain admin account’s SMS two factor authentication activation code.
Solution
1) Access to the FortiGate via console cable.
2) In CLI console, execute following commands:
#diag debug reset3) Login to FortiGate with an alternative super_admin account. Access to System -> Administrator, select admin account that was configured with SMS two factor authentication and select 'Send SMS Activation Code'.
#diag debug disable
#diag debug app forticldd 255
#diag fortitoken debug enable
#diag debug enable
4) Similar output on the console with FortiToken activation code being sent out will be visible:
5) Activate the two factor authentication via FortiToken Mobile Application with the activation code obtained from CLI console.
