Step-by-Step Guide to Registering FortiToken Mobile on FortiGate

Published on: 01-07-2025 By Vishwajeet Pandey

Introduction

Security is at the core of using FortiGate products, and the introduction of FortiToken Mobile enhances this security by allowing two-factor authentication for your users. This guide walks you through the process of registering FortiToken Mobile on your FortiGate device. Whether you're an IT administrator or a Fortinet enthusiast, these instructions will be easy to follow and implement.

What is FortiToken Mobile?

FortiToken Mobile is a two-factor authentication solution for securing user logins. Each FortiGate device comes with two complimentary FortiToken Mobile tokens, and more can be imported if needed. This guide will cover registering these tokens to enable them for end-user assignment.

Steps to Register FortiToken Mobile

Checking Existing Tokens:
  • Navigate to User & Authentication > FortiTokens in the FortiGate GUI.
  • If tokens do not appear, you will need to import them.
Importing Free Tokens:
  • Via GUI:
  • Go to User & Authentication > FortiTokens.
  • Click the Import Free Trial Tokens icon at the top.
  • The two free FortiToken Mobile tokens will be successfully imported.
  • Via CLI:
  • Use the command: execute fortitoken-mobile import 0000-0000-0000-0000-0000
  • Verify with: show user fortitoken

If only one free token appears, delete it first, then re-import the two free tokens using either the GUI or CLI method.

Registering Tokens with a Redemption Certificate:
  • Via GUI:
  • Go to User & Authentication > FortiTokens and click Create New.
  • In the New FortiToken dialog, select Mobile Token as the Type.
  • Enter the 20-digit activation code found on your redemption certificate in the Activation Code field.
  • Click OK to register the token successfully.
  • Via CLI:
  • Execute the command: execute fortitoken-mobile import <20-digit activation code>
  • Verify the registration with: show user fortitoken

Important Considerations

It's crucial to note that once a FortiToken Mobile is registered, it can only be linked to one FortiGate or FortiAuthenticator. Also, FortiOS will not display an error message if invalid serial numbers are input, so ensure accuracy when entering codes.

Conclusion

Registering FortiToken Mobile is a straightforward process that significantly enhances your network's security. By following these steps, you can ensure that your FortiGate is optimized for two-factor authentication, providing an additional layer of protection for your users.

Visit the official Fortinet documentation for more details on registering FortiToken Mobile.