Description | This article describes the '2-Step' Verification Issue When Using smtp.gmail.com as FortiAnalyzer/FortiManager's Mail Server. |
Scope | FortiManager, FortiAnalyzer. |
Solution |
Sometimes, there are requirements to use 2-factor authentication in one's mail server configuration. In such cases, when using smtp.gmail.com as an SMTP server, with Gmail's 2-step verification turned on, one would encounter the following error:
Juara-kvm09 # diag test connection mailserver smtp send-from@gmail.com send-to@gmail.com <-->
The '2-step' verification requires an app password to be configured for FortiAnalyzer: https://support.google.com/mail/answer/185833?hl=en#zippy=%2Cwhy-you-may-need-an-app-password
Once created, an app password will be generated:
Use the app password in FortiAnalyzer's mail server config, and a test email will be sent to the destination mail account successfully:
diag test connection mailserver smtp send-from@gmail.comsend-to@gmail.com <--> 250-AUTH LOGIN PLAIN XOAUTH2 PLAIN-CLIENTTOKEN OAUTHBEARER XOAUTH
Related article: Technical Tip: Configuring FortiManager and FortiAnalyzer to use GMAIL |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.