Import OATH-compatible Token (FortiToken 200)

AAuer · February 11, 2020, 8:11am

Hi,
I try to import some “FortiToken 200” into PrivacyIdea 3.2.1. These are Feitian OATH Tokens.

I modified the seedfile to import it and the UI says <imported 100%> but in the auditlog there is success 0 for entry “POST /token/load/”.
I found this in privacyidea.log:
[2020-02-10 08:47:50,178][42424][140656061175296][INFO][privacyidea.api.token:961] initialize token. serial: FTKXXXXXXX, realm: [‘myrealm’]

The token is listed in the tokenlist as activated, Test OTP just gives no result.

Does anybody had success with this type of tokens?

Kind regards
Andreas

plettich · February 11, 2020, 11:08am

Hi Andreas,
the failed success entry in the audit log is a known issue and just recently fixed.
And it seems the token is imported correctly.
What do You mean with “Test OTP just gives no result”?

Regards
Paul

AAuer · February 11, 2020, 12:08pm

Hi Paul,

I mean clicking on the Button “Test OTP only” just moves the small reload arrows in the top menu and nothing more happens. No green or red overlay.

Regards
Andreas

cornelinux · February 11, 2020, 1:06pm

Fortigate is a proprietary vendor that tries to create vendor locks.
The Fortigate Tokens are known to be Feitian C200 tokens.
But the seed files, that are shipped by Fortigate can only be imported on Fortigates devices. They are probably encrypted with a secret company key.
You need to buy new hardware tokens!

Just in case - you could buy hardware tokens at NetKnights - https://netknights.it/produkte/oath-hotptotp/
There will work a 100%

AAuer · February 11, 2020, 1:25pm

Thanks for the information. We use these for 2FA on the Fortinet devices…