Fortinet Authenticator self-service password reset

Author
Local user
New Member
  • Total Posts : 2
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/09/22 23:30:34
  • Status: offline
2019/09/22 23:41:20 (permalink)
0

Fortinet Authenticator self-service password reset

Hi,
 
I am trying to set up Fortinet Authenticator with 2fa using Radius, I have got everything working and the user can get token via mobile phone. Now the first login screen does not have the forgot password option, but the second screen to the actual portal has it. How to add that missing function to the first firewall login screen as well? From our user perspective it would be nice to have the option recover the password via email, as it has been set up in the user profile, but you do not have that button :)
 
Please see attached picture about the login screen I mean.
 
Thanks in advance!
 
 

Attached Image(s)

#1

3 Replies Related Threads

    xsilver
    Expert Member
    • Total Posts : 444
    • Scores: 99
    • Reward points: 0
    • Joined: 2015/02/02 03:22:58
    • Location: EMEA
    • Status: offline
    Re: Fortinet Authenticator self-service password reset 2019/09/23 02:15:43 (permalink)
    0
    Hi,
    not clear to me where you got login screen from. If it was from FortiGate (FGT) or FortiAuthenticator (FAC).
    So I'd recommend to get through Replacement Messages and track down who showed the logon.
    Second, FAC > Authentication > Guest Portals > Portals .. definition of your portal allow/disallow certain Pre-login/Post-login Services like Password Reset etc. Check there what is set, and what are Replacement messages here.

    Kind Regards,
    Tomas
    #2
    Local user
    New Member
    • Total Posts : 2
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/09/22 23:30:34
    • Status: offline
    Re: Fortinet Authenticator self-service password reset 2019/09/23 05:38:30 (permalink)
    0
    Hi,
     
    yeah it seems that it is called captive portal. I can't find any way to change the settings or replace the message... weird stuff.
     
    I found this: "Captive portals are configured on network interfaces. On a physical (wired) network interface, you edit the interface configuration in Network > Interfaces and set Security Mode to Captive Portal" But I have no idea what that Security mode means. We control our firewall with this captive portal, not wifi connection.
    #3
    xsilver
    Expert Member
    • Total Posts : 444
    • Scores: 99
    • Reward points: 0
    • Joined: 2015/02/02 03:22:58
    • Location: EMEA
    • Status: offline
    Re: Fortinet Authenticator self-service password reset 2019/09/23 07:03:36 (permalink)
    0
    That captive portal setting on FortiGate, or more precisely 'external' captive portal setting, usually points to URL on FortiAuthenticator where there is Guest portal setup driving what is going to happen for users coming in redirected from FortiGate.
    So hint is still the same. Check Replacement messages and have a look for one you see. Then for test modify the one you think you see and check if change is propagated in new logon, just to be sure you reached/found the right replacement message.
    Then modify according to your needs.
    But I guess that if that is Guest portal, then you might just simply miss password reset option turned on in pre-login phase config. Toggling this on will be far easier then messing with replacement messages.

    Kind Regards,
    Tomas
    #4
    Jump to:
    © 2019 APG vNext Commercial Version 5.5