
SMS Two Factor Authentication

Products
FortiGate v5.0
FortiGate v5.2
FortiGate v5.4
FortiGate v5.6
FortiGate v6.0
FortiGate v6.2
FortiGate v6.4

Description

This article describes the steps to configure SMS Two Factor Authentication on a FortiGate.

Solution

There are four steps to complete this configuration:

1. Configure the SMTP server.
2. Configure the SMS service on the FortiGate.
3. Configure the SMS service on the SMS provider.
4. Create user(s) with SMS two factor enabled.

1. Configure the SMTP server.

config system email-server
    set type custom
    set reply-to <reply-to string>     <----- Specify the reply-to email address.
    set server <IP or domain of the SMTP Server>
    set port 25
    set source-ip 0.0.0.0
    set source-ip6 ::
    set authenticate disable
    set security none
end

2. Configure the SMS service on the FortiGate.

config system sms-server
    edit <provider>     <----- Provider name, or any name.
        set mail-server <server_name>     <----- providerdomain
end

3. Configure the SMS service on SMS provider.

The configuration of these settings depends on the SMS provider.

4. Create user(s) with SMS two factor enabled.

config user local
    edit <user>     <----- User name.
        set two-factor sms
        set sms-phone "xxxxxxxxxxxx"
        set sms-server custom
        set sms-custom-server <provider>     <----- Configured in step 2.
end

Verification of Configuration.

Important Notes:

1) The SMTP server configured in step 1 is the server that the FortiGate uses to
communicate with the SMS servers. This means that the SMTP server should allow the
FortiGate to relay through it.
2) The mail-server address in step 2 is the domain of the email address the
FortiGate sends emails to.

For example, using the above configuration, the FortiGate will send an email to
[mobile_number_of_recipient]@[providerdomain] through the server IP configured in step 1.

- Log in to the FortiGate unit using the user created in step 4 (username and password).
- When you click on 'Login', you will get the 'Token Code' request and an SMS will be sent to
your phone.
- Type in the one-time code and log in to your FortiGate.
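The following is an added example, not part of the original article or Fortinet's own tooling: a small Python check that reads a configuration text containing the sections from steps 1, 2 and 4, derives the address each token email is sent to ([mobile_number_of_recipient]@[providerdomain]), and reports users whose sms-custom-server has no matching sms-server entry. It also flags an explicit "security none" or "authenticate disable" on the email server, since with those settings the email carrying the token code reaches the relay without TLS or SMTP authentication. The names parse and audit and all sample values are assumptions made for this example, and only the flat sections shown in this article are handled.

```python
# Constructed sample mirroring steps 1, 2 and 4; every value is a placeholder.
SAMPLE = """
config system email-server
    set authenticate disable
    set security none
end
config system sms-server
    edit "provider1"
        set mail-server "sms.example.net"
    next
end
config user local
    edit "alice"
        set two-factor sms
        set sms-phone "15555550100"
        set sms-custom-server "provider1"
    next
    edit "bob"
        set two-factor sms
        set sms-custom-server "provider2"
    next
end
"""

def parse(text):  # -> {section: {entry: {key: value}}}; settings outside 'edit' use entry ''
    cfg, section, entry = {}, None, ""
    for line in text.splitlines():
        words = [w.strip('"') for w in line.split()] or [""]
        if words[0] == "config":
            section, entry = " ".join(words[1:]), ""
        elif words[0] == "edit" and len(words) > 1:
            entry = words[1]
        elif words[0] == "set" and section and len(words) > 2:
            cfg.setdefault(section, {}).setdefault(entry, {})[words[1]] = " ".join(words[2:])
    return cfg

def audit(text):  # -> (findings, {user: address the token email is sent to})
    cfg = parse(text)
    mail = cfg.get("system email-server", {}).get("", {})
    sms = cfg.get("system sms-server", {})
    # Only explicit values are judged; keys omitted from the text are not reported.
    findings = [f"email-server: {k} {weak}" for k, weak in
                (("security", "none"), ("authenticate", "disable")) if mail.get(k) == weak]
    recipients = {}
    for user, u in cfg.get("user local", {}).items():
        if u.get("two-factor") != "sms":
            continue
        domain = sms.get(u.get("sms-custom-server"), {}).get("mail-server")
        if domain:
            recipients[user] = f"{u.get('sms-phone')}@{domain}"
        else:
            findings.append(f"user {user}: sms-custom-server not defined in sms-server")
    return findings, recipients
```

Calling audit(SAMPLE) returns the list of findings and the per-user recipient addresses; pass the text of your own configuration in place of SAMPLE.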

Troubleshooting.

diagnose sniffer packet any 'port 25' 6
