Step 3. Assigning Fortitokens To Users; Step 4. Logging In With Fortitoken - Fortinet FortiToken-200 Quick Start Manual

Step 3. Assigning FortiTokens to Users

To use token authentication, a user account must be enabled to use two-factor authentication and must be assigned the serial number of an acti-
vated FortiToken device. The device serial number cannot be shared by multiple users.
To assign a FortiToken unit to a user
1. Do one of the following:
• To assign a FortiToken to an administrator (super-users only), go to System > Admin > Administrator and select the check box for the adminis-
trator account you want to configure, then select Edit from the toolbar.
• To assign a FortiToken to a regular user, go to User > User > User and select the check box for the user account you want to configure, then
select Edit from the toolbar.
2. In the dialog box, select the Enable Two-factor Authentication check box. Under Deliver Token Code by, select the FortiToken option and then
select the FortiToken serial number you want to assign to the selected user account. Select OK.

Step 4. Logging In with FortiToken

After they have been activated and assigned to users, the FortiToken units can be used to log in securely to your network through the SSL-VPN cli-
ent, the standalone FortiClient SSL-VPN tunnel client, the FortiClient console, or the FortiGate web-based manager. This section explains the login
procedure for each method.
To log in using the SSL-VPN Client
1. In the SSL-VPN web login page, enter your user name and password and select Sign In. The login page refreshes and the FortiToken Code
field appears.
2. Press the Start button of your FortiToken unit, type the generated token password into the FortiToken Code field on the login page and then
select Login. You must do this within the 60 seconds while the token password is still valid.
To log in using the standalone FortiClient SSL-VPN tunnel client
1. Go to Start > All Programs > FortiClient > FortiClient SSL VPN.
2. In the FortiClient SSL VPN client, select the Connection Name from the list.
3. Enter your user name, then press the Start button of your FortiToken unit.
4. In the Password field, type your password concatenated with the generated token password. For example, if your password is
password and your token code is 123456, you would enter password123456.
5. Select Connect to initiate the connection. You must do this within 60 seconds while the token password is still valid.
To log in using the FortiClient console (IPSEC VPN)
1. In the FortiClient console, go to VPN > Connections, select the connection you want to start and select Connect.
2. In the VPN Login dialog box, enter your user name and password and select OK. The login page refreshes and the FortiToken Code field ap-
pears.
3. Press the Start button of your FortiToken unit, type the generated token password into the FortiToken Code field and select OK. You must do
this within 60 seconds while the token password is still valid.
To log in using the FortiGate Captive Web Portal (Firewall Identity Check)
1. Connect to the captive web portal.
2. In the Authentication Required dialog box, enter your user name and password. Then select Continue. The FortiToken Required dialog box ap-
pears.
3. Press the Start button of your FortiToken unit, type the generated token password into the Token Code field and select Continue. You must do
this within 60 seconds while the token password is still valid.
To log in using the FortiGate web-based manager (super-user administrators only)
1. In your web-browser, enter the URL (using https) of the FortiGate unit you want to access.
2. In the Login dialog box, enter your user name and password and then select Login. The login page refreshes and the Token Code field ap-
pears.
3. Press the Start button of your FortiToken unit, type the generated token password into the Token Code field and select Login. You must do this
within 60 seconds while the token password is still valid.
© Copyright 2010 Fortinet Incorporated. All rights reserved.
Products mentioned in this document are trademarks or registered trade-
marks of their respective holders.
Regulatory Compliance: FCC Class A Part 15, / CE Mark
17 December 2010
01-430-135980-20101217
Visit these links for more information and documentation for your Fortinet product:
• Technical Documentation - http://docs.fortinet.com
• Fortinet Knowledge Center - http://kb.fortinet.com
• Technical Support - http://support.fortinet.com
• Training Services - http://training.fortinet.com