2.
In the dialog box, select the
Enable Two-factor Authentication
check box. Under
Deliver Token Code by,
select
the
FortiToken
option and then
select the FortiToken serial number you want to assign to the selected user account. Select
OK
.
To assign a FortiToken unit to a user when use with F
ortiToken Cloud
1.
Open your web browser, point to https://ftc.fortinet.com, an
d
press
Enter
key on your keyboard: The FTC page
opens
2.
Use the upper right corner to login to FTC
A hardware token shown on the Hard Tokens page without a username means that it is free or has not been assigned to any user yet. You can
assign it to any user in your FTC account.
To assign a free hard token to a user:
1.
On the main menu, click
Users
. The Users page opens. See Users.
2.
Identify the user of interest and click the
MFA Method
column. A pop-up list appears showing all the MFA methods that FTC supports.
3.
Select
FTK
.
Delete hard tokens
The Hard Tokens page provides tools to delete hard tokens that are no longer needed. You can delete one, multiple, or all the hardware tokens
at once.
Only free (unassigned) FTK tokens can be deleted.
To delete individual hardware tokens:
1.
Identify the hard token(s).
2.
Select the corresponding checkbox(es).
3.
Click the
Delete
button. The Delete Hard Tokens warning message appears.
4.
Click
Yes
.
To delete all hardware tokens:
1.
Select the checkbox in the header of the checkbox column.
2.
Click the
Delete Hard Tokens
button. The Delete Hard Tokens warning message appears.
3.
Click
Yes
.
Step 4. Logging In with FortiToken
After they have been activated and assigned to users, the FortiToken units can be used to log in securely to your network through the SSL-VPN
client, the standalone FortiClient SSL-VPN tunnel client, the FortiClient console, or the FortiGate Web-based Manager. This section explains
the login procedure for each method.
To log in using the SSL-VPN Client
1.
In the SSL-VPN web login page, enter your user name and password and select
Sign In.
The login page refreshes and the
FortiToken
Code
field appears.
2.
Press the
Start
button of your FortiToken unit, type the generated token password into the
FortiToken Code
field on the login page and
then
select
Login
. You must do this within the 60 seconds while the token password is still valid.
To log in using the standalone FortiClient SSL-VPN tunnel client
1. Go to
Start > All Programs > FortiClient > FortiClient SSL-VPN.
2.
In the FortiClient SSL-VPN client, select the
Connection Name
from the list.
3.
Enter your user name, then press the
Start
button of your FortiToken unit.
4.
In the
Password
field, type your password concatenated with the generated token password. For example, if your password is
password
and your token code is 123456, you would enter
password123456.
5.
Select
Connect
to initiate the connection. You must do this within 60 seconds while the token password is still valid.
To log in using the FortiClient console (IPsec VPN)
1.
In the FortiClient console, go to
VPN > Connections, s
elect the connection you want to start and select
Connect
.
2.
In the VPN Login dialog box, enter your user name and password and select
OK.
The login page refreshes and the
FortiToken Code
field
appears.
3.
Press the
Start
button of your FortiToken unit, type the generated token password into the
FortiToken Code
field and select
OK
. You must
do
this within 60 seconds while the token password is still valid.
Assign a hard token to a user