FortiAuthenticator 4.0 System

SMS gateways

To view a list of the configured SMS gateways, go to System > Messages > SMS Gateways.

The following information is shown:

Create New Select to create a new SMS gateway.
Delete Select to delete the selected SMS gateway or gateways.
Edit Select to edit the selected SMS gateway.
Set as Default Set the selected SMS gateway as the default SMS gateway.
Name The name of the SMS gateway.
Protocol The protocol used by the gateway.
SMTP server The SMTP server associated with the gateway.
API URL The gateway’s API URL, if it has one.
Default Shows a green circle with a check mark for the default SMS gateway. To change the default gateway, select the gateway you would like to use as the default, then select Set as Default in the toolbar.

You can also configure the message that you will send to users. You can use the following tags for user-specific information:

Tag Information
{{:country_code}} Telephone country code, e.g. 01 for North America.
{{:mobile_number}} User’s mobile phone number.
{{:message}} “Your authentication token code is ” and the code.

To create a new SMTP SMS gateway:

  1. Go to System > Messages > SMS Gateways and select Create New. The Create New SMS Gateway window opens.
  2. Enter the following information:
Name Enter a name for the new gateway.
Protocol Select SMTP.
SMTP server Select the SMTP server you use to contact the SMS gateway. The SMTP server must already be configured, see SMTP servers on page 45.
Mail-to-SMS gateway Change domain.com to the SMS provider’s domain name. The default entry {{:mobile_number}}@domain.com assumes that the address is the user’s mobile number followed by @ and the domain name. In the Email Preview field, check the To field to ensure that the format of the address matches the information from your provider.
Subject Optionally, enter a subject for the message.
Body Optionally, enter body text for the message.
E-mail Preview View a preview of the email message.
  1. Optionally, select Test Settings to send a test SMS message to the user.
  2. Select OK to create a new SMTP SMS gateway.

To create a new HTTP or HTTPS SMS gateway:

  1. Go to System > Messages > SMS Gateways and select Create New. The Create New SMS Gateway window opens.
  2. Expand the HTTP/HTTPS section, then enter the following information:
Name Enter a name for the new gateway.
Protocol Select HTTP or HTTPS.
HTTP/HTTPS  
HTTP method Select the method to use, either GET of POST.
API URL Enter the gateway URL, omitting the protocol prefix http:// or https://. Also omit the parameter string that begins with ?.
CA certificate Select CA certificate that validates this SMS provider from the drop-down list. This option is only available if Protocol is set to HTTPS.
HTTP Parameters  
Field Enter the parameter names that the SMS provider’s URL requires, such as user and password.
Value Enter the values or tags corresponding to the fields.
Delete Delete the field and its value.
  1. If you need more parameter entries, select Add anotherSMS Gateway HTTP Parameter.
  2. Optionally, select Test Settings to send a test SMS message to the user.
  3. Select OK to create a new HTTP or HTTPS SMS gateway.

5 thoughts on “FortiAuthenticator 4.0 System

  1. Tim

    Have you seen FortiAthenticator or Fortigate, for that matter, configured to utilize a third-party sms authentication (i.e. SMSGlobal) for on-boarding a guest wireless user?
    Our Wireless is third-party as well and not managed by Fortigate.

    We want to required the guest wireless user to enter their phone #, then in turn, receive a sms message with a passcode that they would enter to complete the on-board process.

    Lots of companies facilitate the SMS piece, however, If it integrates with either the Fortigate or FortiAuthenticator, then I am missing something.

    Thanks!!

    Reply
    1. Mike Post author

      We have configured FortiGates to utilize other SMS providers (mostly verizon) for 2FA / authentication means.

      Reply
    1. Mike Post author

      This particular article is discussing the FortiAuthenticator which is a separate Appliance / VM for authentication needs

      Reply
  2. HSHA

    we have two fortiauth VMs, we tried to create HA with primary-slave configuration. the issue we were facing that primary fac can see the peer device on it with the error message cluster not formed but on slave unit it is not showing any peer device, on cluster status it is showing cluster is formed but in peer device section it is showing it is not.
    by help of TAC we could find out that the heart beet can be seen on the primary FAC by the slave FAC but the HA heatbeat cannot be reached to primary FAC from slave.
    Primary FAC VM is on ESXi server which is connected to cisco fabric switch > cisco core switch > other side fabric switch > slave FAC VM on other side ESXi server.
    we did assign separate vlan for HA connectivity and that vlan is been configured on fabric switch as well as the core and it is L2 only. so nothing is blocking the heartbeat broadcast in between these two FACs and no firewall in between as well. Do you have any idea what would be the cause of this issue?

    Reply

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.