FortiToken Mobile Push
A command under config system ftm-push allows you to configure the FortiToken Mobile Push services server IP address and port number. The Push service is provided by Apple (APNS) and Google (GCM) for iPhone and Android smartphones respectively. This will help to avoid tokens becoming locked after an already enabled
two-factor authentication user has been disabled. In addition, FortiOS supports FTM Push when FortiAuthenticator is the authentication server.
CLI syntax
config system ftm-push set server-ip <ip-address> set server-port [1-65535] Default is 4433. end
Note that the server-ip is the public IP address of the FortiGate interface that the FTM will call back to; it is the IP address used by the FortiGate for incoming FTM calls.
In addition, FTM Push is supported on administrator login and SSL VPN login for both iOS and Android. If an SSL VPN user authenticates with their token, then logs out and attempts to reauthenticate again within a minte, a new message will display showing “Please wait x seconds to login again.” This replaces a previous error/permission denied message.
The “x” value will depend on the calculation of how much time is left in the current time step.
CLI syntax
config system interface edit <name> set allowaccess ftm
next
end
Hi Mike, One question: if I have LDAP Users and a remote Radius Group which will check first given an username and password? I’m not able to see If the order is defined somewhere
Thank you