Re: Yubikey Radius admin MFA authentication
I guess that you do have admin user as remote type pointing out to RADIUS server which is doing Access-Challenge, right ?
How is your slot on a key configured ?
I think it should be OATH-HOTP with OMP+TT Modhex numeric with 6 digit HOTP Length
That combo should work for FortiAuthenticator as YubiKey 2FA server when you are going to import the tokens into it. Then those are working when is FortiAuthenticator paired as RADIUS auth server to FortiGate. Therefore I guess that same values (token code generation methods) should work for FortiGate if RADIUS is not a FortiAuthenticator but something else.