1. Open your web browser, point to https://ftc.fortinet.com, and press
Enter
key on your keyboard: The FTC page
opens
2. Use the upper right corner to login to FTC
Assign a hard token to a user
A hardware token shown on the Hard Tokens page without a username means that it is free or has not been assigned to any user yet. You can
assign it to any user in your FTC account.
To assign a free hard token to a user:
1. On the main menu, click
Users
. The Users page opens. See Users.
2. Identify the user of interest and click the
MFA Method
column. A pop-up list appears showing all the MFA methods that FTC supports.
3. Select
FTK
.
Delete hard tokens
The Hard Tokens page provides tools to delete hard tokens that are no longer needed. You can delete one, multiple, or all the hardware tokens at
once.
Only free (unassigned) FTK tokens can be deleted.
To delete individual hardware tokens:
1. Identify the hard token(s).
2. Select the corresponding checkbox(es).
3. Click the
Delete
button. The Delete Hard Tokens warning message appears.
4. Click
Yes
.
To delete all hardware tokens:
1. Select the checkbox in the header of the checkbox column.
2. Click the
Delete Hard Tokens
button. The Delete Hard Tokens warning message appears.
3. Click
Yes
.
To assign a FortiToken unit to a user when use with FortiToken Cloud
To log in using the FortiGate Captive Web Portal (Firewall Identity Check)
1. Connect to the captive web portal.
2. In the
Authentication Required
dialog box, enter your user name and password, then select
Continue
. The
FortiToken Required
dialog box appears.
3. Press the Start button of your FortiToken unit, type the generated token password into the
Token Code
field, and select
Continue
. You must do this
within 60 seconds while the token password is still valid.
Step 4. Logging In with FortiToken
After they have been activated and assigned to users, the FortiToken units can be used to log in securely to your network through the SSL-VPN client,
the standalone FortiClient SSL-VPN tunnel client, the FortiClient console, or the FortiGate Web-based Manager. This section explains the login proce-
dure for each method.
To log in using the SSL-VPN Client
1. In the SSL-VPN web login page, enter your user name and password and select Sign In. The login page refreshes and the FortiToken Code field
appears.
2. Press the Start button of your FortiToken unit, type the generated token password into the FortiToken Code field on the login page and then select
Login. You must do this within the 60 seconds while the token password is still valid.
To log in using the standalone FortiClient SSL-VPN tunnel client
1. Go to Start > All Programs > FortiClient > FortiClient SSL-VPN.
2. In the FortiClient SSL-VPN client, select the Connection Name from the list.
3. Enter your user name, then press the Start button of your FortiToken unit.
4. In the Password field, type your password concatenated with the generated token password. For example, if your password is
password and your token code is 123456, you would enter password123456.
5. Select Connect to initiate the connection. You must do this within 60 seconds while the token password is still valid.
To log in using the FortiClient console (IPsec VPN)
1. In the FortiClient console, go to VPN > Connections, select the connection you want to start and select Connect.
2. In the VPN Login dialog box, enter your user name and password and select OK. The login page refreshes and the FortiToken Code field appears.
3. Press the Start button of your FortiToken unit, type the generated token password into the FortiToken Code field and select OK. You must do this
within 60 seconds while the token password is still valid.
