FortiGate: Company Gmail cannot receive 2FA email verification from the FortiGate firewall (Email-based two-factor authentication)

FortiGate: Company Gmail cannot receive 2FA email verification from the FortiGate firewall (Email-based two-factor authentication)
Photo by Rubaitul Azad / Unsplash

Previously, we enabled 2FA email when users connect to the SSL VPN via FortiClient VPN with the Email-based two-factor authentication.

But we face some email addresses (Gmail) that do not receive the email code.
As the default SMTP server (notification.fortinet.net) may be blocked or not be trusted by Gmail.

This example will show how to add an IP SMTP server of Fortinet on Gmail (Bypass spam filters for messages from addresses or domains on this list). This may help.

  1. On the FortiGate console, go to "System" > " Settings" > Scroll down to "Email Service"
  2. The default SMTP Server is "notification.fortinet.net"

  1. Check IP address for the SMTP server "notification.fortinet.net".

  1. Log in to Google Admin Console (admin.google.com) (This is not available for individual users).
  2. Go to "Apps" > "Google Workspace" > "Gmail" > "Spam, Phishing, and Malware".

  1. Put the IP address of "notification.fortinet.net (208.91.114.151)" as we checked on the previous step, and click "SAVE"

  1. Try connecting from the FortiClient VPN and wait for the code.

  1. Check your email for the code.