FortiGate: 2FA for FortiClient VPN by FortiToken (Mobile App)

To enable 2FA using FortiToken (Mobile App). The default licenses from the box allow you to use for 2 accounts. More than 2 accounts are required to purchase the licenses. To set up 2FA use with FortiToken, try to following steps.

1. Log in to the FortiGate web console.

2. Go to "User & Authentication" > "User Definition" > Select the user and "Edit".

3. Enable "Two-factor Authentication".
4. Authentication Type = FortiToken
5. Token = "Select 1 of 2" (1 for each user).

6. Enter the email address used to receive the active code and save.

7. Token will show on the user.

8. Select this user and "Edit".
9. Send Activation Code Email.

10. Check your email inbox. It should receive the email about activation on FortiGate.

11. Download the application on your mobile phone named "FortiToken" (supports iOS and Android).

12. Open app "FortiToken Mobile"
13. On the first time opening this app. "Scan or enter key to add token".

14. Select "SCAN BARCODE". Then scan the barcode that it sent to your email.
15. After that, the Token will be added to the app on your mobile phone.
16. Use the code on the mobile app as 2FA when you log in to FortiClient.
17. Test connecting FortiClient VPN. After entering a username and password, Token box will appear.

18. Open the app "FortiToken" on your mobile, use the token code to enter on FortiClient VPN.

19. Now you can connect the FortiClient with 2FA via FortiToken (Mobile app).